Enlightning
Learn CNCF projects with Whitney and her lightboard ⚡️
Keeping Secrets Secret: Secrets Store CSI Driver
Keeping Secrets Secret: Secrets Store CSI Driver
Keeping Secrets Secret: Secrets Store CSI Driver
Aug 3, 2023
In this episode
Applications running on Kubernetes require access to sensitive information like passwords, SSH keys, and authentication tokens. But how do you configure your applications when the source of truth for these secrets is an external secret store? What if you need to securely store, retrieve and perform zero-touch rotation of these secrets? Meet the Secrets Store CSI Driver, a Kubernetes sig-auth sub-project providing a simple way to retrieve secrets from enterprise-grade external stores such as Azure Key Vault, AWS Secrets Manager, Google Secret Manager, and HashiCorp Vault.
In this session, we will demonstrate how to use the Secrets Store CSI Driver to mount and rotate sensitive information from external secrets stores into Kubernetes applications. We will also the discuss trade-offs of Secrets Store CSI Driver versus other solutions for accessing external secret stores, and how Secrets Store CSI Driver Custom Resource Definitions (CRDs) are used enable pod portability across Kubernetes environments.
\(^-^)/
Guests
Anish Ramasekar
Anish Ramasekar is a software engineer at Microsoft. He is on the Azure Container Upstream team building features for Kubernetes upstream and various CNCF projects that are part of the Azure Kubernetes Service. Anish is a maintainer of the Secrets Store CSI Driver project.
Hosts
Whitney Lee
Whitney is a lovable goofball who enjoys understanding and using tools in the cloud native landscape. Creative and driven, Whitney recently pivoted from an art-related career to one in tech. She is a CNCF Ambassador and active in the open source community. You can catch her lightboard streaming show ⚡️ Enlightning on Tanzu.TV. And not only does she rock at tech - she literally has toured playing in the band Mutual Benefit on keyboards and vocals.