youniqx / heist
Automates provisioning and generation of secrets in HashiCorp Vault and provides them to your apps. Application secrets will never be stored in Kubernetes secrets or in ETCD. This significantly mitigates a lot of attack vectors including attacks on Kubernetes, or its control plane.
☆16Updated this week
Related projects ⓘ
Alternatives and complementary repositories for heist
- Identify kubernetes resources which are not managed by GitOps☆92Updated last week
- The Helm Charts OCI Proxy, will proxy and transform Helm Chart into OCI images on the fly. Address any Helm Chart as OCI image.☆96Updated last month
- A cluster-api bootstrap provider for deploying Talos clusters.☆111Updated last month
- ☆128Updated this week
- An easy, Talos Linux aware etcd snapshotter.☆63Updated last month
- Enterprise Distribution for Flux CD☆61Updated last week
- Capi2Argo Cluster Operator (CACO) can be deployed on a CAPI Management cluster and dynamically convert Workload cluster credentials into …☆77Updated last month
- An operator to support Haschicorp Vault configuration workflows from within Kubernetes☆110Updated last month
- Flux local dev environment with Docker and Kubernetes KIND☆156Updated 10 months ago
- flux-local is a set of tools and libraries for managing a local flux gitops repository focused on validation steps to help improve qualit…☆152Updated this week
- A control plane provider for CAPI + Talos☆68Updated last month
- Kubernetes based load balancing☆102Updated this week
- CAAPH uses Helm charts to manage the installation and lifecycle of Cluster API add-ons.☆125Updated this week
- Store and access your secrets the Kubernetes native way with any external KMS.☆178Updated last year
- rename-pvc can rename PersistentVolumeClaims (PVCs) inside Kubernetes.☆45Updated last week
- Collection of awesome talos resource from the community☆90Updated last month
- It is responsible for establishing a connection to provided Keycloak Server, reconciling realms, and clients according to the created CRs☆36Updated this week
- Import Helm Charts to OCI registries, optionally with vulnerability patching☆183Updated last week
- Flux All-In-One distribution made with Timoni☆105Updated last month
- ☆57Updated this week
- trust-manager is an operator for distributing trust bundles across a Kubernetes cluster.☆256Updated this week
- Home for Cluster API Operator, a subproject of sig-cluster-lifecycle☆169Updated this week
- Theila is the UI for all things Sidero Labs.☆46Updated 2 years ago
- approver-policy is a cert-manager approver that allows users to define policies that restrict what certificates can be requested.☆67Updated this week
- A Terraform provider for Harbor. To configure and manage all aspects of your Harbor Container Registry with Terraform Infrastructure as C…☆118Updated last week
- Kubernetes Operator to sync secrets between different secret backends and Kubernetes☆156Updated 3 months ago
- GitOps Toolkit controller that scans container registries☆109Updated this week
- An Argo CD plugin to replace placeholders in Kubernetes manifests with secrets stored in Hashicorp Vault.☆107Updated this week
- mutating webhook which rewrites container images to use a Harbor proxy cache☆71Updated 9 months ago
- konf is a lightweight kubeconfig manager. With konf you can use different kubeconfigs at the same time. And because it does not need subs…☆168Updated 2 months ago
- (Y)et (A)nother (K)ubernetes (E)ngine☆19Updated this week