trousseau
spiffe-vault
| trousseau | spiffe-vault | |
|---|---|---|
| 1 | - | |
| 173 | 76 | |
| 1.2% | - | |
| 1.4 | 8.3 | |
| 8 months ago | 13 days ago | |
| Go | Go | |
| Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
trousseau
-
Are you using Vault?
I usually use trousseau, the secrets are still in k8s but they are encrypted with a key that is in Vault. It is utilising Kubernetes KMS keys, so the decryption and encryption is happening automatically as long as the correct RBAC is applied.
spiffe-vault
We haven't tracked posts mentioning spiffe-vault yet.
Tracking mentions began in Dec 2020.
What are some alternatives?
external-secrets - External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets.
spire - The SPIFFE Runtime Environment
medusa - A cli tool for importing and exporting Hashicorp Vault secrets
cosign - Code signing and transparency for containers and binaries
teller - Cloud native secrets management for developers - never leave your command line for secrets.
vault-secrets-operator - Create Kubernetes secrets from Vault for a secure GitOps based workflow.
in-toto-golang - A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
vault-creds - Sidecar container for requesting dynamic Vault database secrets
helm-secrets - A helm plugin that help manage secrets with Git workflow and store them anywhere
boundary - Boundary enables identity-based access management for dynamic infrastructure.