bank-vaults

A Vault swiss-army knife: a K8s operator, Go client with automatic token renewal, automatic configuration, multiple unseal options and more. A CLI tool to init, unseal and configure Vault (auth methods, secret engines). Direct secret injection into Pods. (by banzaicloud)

Stats

Basic bank-vaults repo stats
1
1,347
9.0
6 days ago

banzaicloud/bank-vaults is an open source project licensed under Apache License 2.0 which is an OSI approved license.

Bank-vaults Alternatives

Similar projects and alternatives to bank-vaults based on common topics and language

  • GitHub repo kubernetes-external-secrets

    Integrate external secret management systems with Kubernetes

  • GitHub repo helm-secrets

    Successor of zendesk/helm-secrets - A helm plugin that help manage secrets with Git workflow and store them anywhere

  • GitHub repo k8s-image-swapper

    :wheel_of_dharma: Mirror images into your own registry and swap image references automatically.

  • GitHub repo vaku

    Vaku extends the Vault API & CLI

  • GitHub repo chaos-mesh

    A Chaos Engineering Platform for Kubernetes.

  • GitHub repo postgres-operator

    Postgres operator creates and manages PostgreSQL clusters running in Kubernetes

  • GitHub repo Databunker

    Secure storage for personal records built to comply with GDPR

NOTE: The number of mentions on this list indicates mentions on common posts. Hence, a higher number means a better bank-vaults alternative or higher similarity.

Posts

Posts where bank-vaults has been mentioned. We have used some of these posts to build our list of alternatives and similar projects - the last one was on 2021-02-28.
  • Secrets Managers for Kubernetes (Vault (Hashi), Conjur (CyberArk), Platform Specific, etc)
    reddit.com/r/devops | 2021-02-28
    Encrypted secrets can't be more than a temporary solution. That's why I'm not a fan of SOPS/Sealed Secrets/etc. I think the future for both security and usability is dynamic injection. Vault is the dopeness but I'm not a fan of the upstream Vault Injector -- shared volumes are a step backwards. It's all about the BanzaiCloud Vault Webhook -- secrets **only ever available to the running process**, rotation means: update the value in vault and bounce the pod, done. This is the way.