Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge. Learn more →
Berglas Alternatives
Similar projects and alternatives to berglas
-
kubernetes-external-secrets
Integrate external secret management systems with Kubernetes
-
InfluxDB
Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
-
kube-secrets-init
Kubernetes mutating webhook for `secrets-init` injection
-
-
cocert
Split and distribute your private keys securely amongst untrusted network
-
infisical
♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure and prevent secret leaks.
-
rclone
"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Wasabi, Google Cloud Storage, Yandex Files
-
Onboard AI
Learn any GitHub repo in 59 seconds. Onboard AI learns any GitHub repo in minutes and lets you chat with it to locate functionality, understand different parts, and generate new code. Use it for free at www.getonboard.dev.
-
thanos
Highly available Prometheus setup with long term storage capabilities. A CNCF Incubating project.
-
apps-script-samples
Apps Script samples for Google Workspace products.
-
Vault
A tool for secrets management, encryption as a service, and privileged access management
-
-
sealed-secrets
A Kubernetes controller and tool for one-way encrypted Secrets
-
git-secret
:busts_in_silhouette: A bash-tool to store your private data inside a git repository.
-
secrets-store-csi-driver
Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
-
deploy-cloud-functions
A GitHub Action that deploys source code to Google Cloud Functions.
-
secrets-store-csi-driver-provider-gcp
Google Secret Manager provider for the Secret Store CSI Driver.
-
-
-
kubernetes-the-hard-way
Bootstrap Kubernetes the hard way on Google Cloud Platform. No scripts.
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
berglas reviews and mentions
-
Increasing Your Cloud Function Development Velocity Using Dynamically Loading Python Classes
Google Secret Manager
-
Getting started using Google APIs: API Keys (Part 2)
API keys are easy to "leak" or compromise, so best to not only use the restrictions presented to you when you create them but physically protect them as well. Don't code them in plain-text, don't check them into GitHub, etc. Store them in a secure database or use a service like GCP Secret Manager.
-
Need some advice on API key storage
I've been looking at Google Secret Manager which sounds promising but I've not been able to find any examples or tutorials that help with the actual practical details of best practice or getting this working. I'm currently reading about Cloud Functions which also sound promising but again, I'm just going deeper and deeper into GCP without feeling like I'm gaining any useful insights.
-
Secure GitHub Actions by pull_request_target
In this post, I described how to build secure GitHub Actions workflows by pull_request_target event instead of pull_request event. Using pull_request_target, you can prevent malicious codes from being executed in CI. And by managing secrets in secrets management services such as AWS Secrets Manager and Google Secret Manager and access them via OIDC, you can restrict the access to secrets securely. To migrate pull_request to pull_request_target, several modifications are needed. And pull_request_target has a drawback that it's difficult to test changes of workflows, so it's good to introduce pull_request_target to repositories that require strong permissions in CI. For example, a Terraform Monorepo tends to require strong permissions for CI, so it's good to introduce pull_request_target to it.
-
How to Deploy and Scale Strapi on a Kubernetes Cluster 1/2
Store the Secrets in a vault like Hashicorp Vault, AWS Secrets Manager, GCP Secret Manager, etc., and then use an operator like External Secrets Operator to add them to your K8s cluster.
-
Vault Secrets in K8S, use CRD Injector ?
is the secret store csi driver used to fetch secrets from services like the: - https://aws.amazon.com/fr/secrets-manager - https://cloud.google.com/secret-manager - https://azure.microsoft.com/en-us/products/key-vault/
-
Show HN: Infisical – open-source secrets manager
This looks great! But after looking through the docs and Github, I don't know what the architecture is beyond there is a CLI and a browser UI that interact with some sort of central service.
The main thing stopping me from using Vault is that it can become a central point of failure. If the cloud provider secret managers are down then its likely that something else in the cloud is having major issues as well so from an uptime perspective and easy of operations that has always seemed a safe approach, although the pricing is kind of outrageous. But just storing (e2e encrypted, etc) in cloud object storage is also an option. Berglass for example gives the option of storing in the secret manager or in cloud storage directly: https://github.com/GoogleCloudPlatform/berglas
-
Shhhh... Kubernetes Secrets Are Not Really Secret!
Sealed Secrets are a great starting point for securing secrets, but there is an even better way. Using the External Secrets Operator (ESO) and an external secret management system like HashiCorp Vault, AWS Secrets Manager, Google Secrets Manager, or Azure Key Vault. While this is a bit more involved to set up, it is a better approach if you use a cloud provider to host your Kubernetes cluster. ESO supports many such secret managers and watches for changes to external secret stores, and keeps Kubernetes secrets in sync.
-
Web Security 101 - Part 1: Secrets
Products like Google Cloud have the authentication, authorization, secret storage, and secret retrieval built into the system you use to deploy your code.
-
Google Cloud Reference
Secret Manager: Store and manage secrets 🔗Link 🔗Link
-
A note from our sponsor - InfluxDB
www.influxdata.com | 11 Dec 2023
Stats
GoogleCloudPlatform/berglas is an open source project licensed under Apache License 2.0 which is an OSI approved license.
The primary programming language of berglas is Go.