trousseau

module
v1.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 8, 2022 License: Apache-2.0

README

Total alerts


Please note: We take security and users' trust seriously. If you believe you have found a security issue in Trousseau, please responsibly disclose by following the security policy.


This is the home of Trousseau, an open-source project leveraging the Kubernetes KMS provider framework to connect with Key Management Services the Kubernetes native way!

Why Trousseau

Kubernetes platform users are all facing the very same question: how to handle Secrets?

While there are significant efforts to improve Kubernetes component layers, the state of Secret Management is not receiving much interests. Using etcd to store API object definition & states, Kubernetes secrets are encoded in base64 and shipped into the key value store database. Even if the filesystems on which etcd runs are encrypted, the secrets are still not.

Instead of leveraging the native Kubernetes way to manage secrets, commercial and open source solutions solve this design flaw by leveraging different approaches all using different toolsets or practices. This leads to training and maintaining niche skills and tools increasing cost and complexity of Kubernetes.

Once deployed, Trousseau will enable seamless secret management using the native Kubernetes API and kubectl CLI usage while leveraging an existing Key Management Service (KMS) provider.

How? By using using the Kubernetes KMS provider framework to provide an envelop encryption scheme to encrypt secrets on the fly.

About the name

The name trousseau comes from the French language and is usually associated with keys like in trousseau de clés meaning keyring.

Contributing Guidelines

We love your input! We want to make contributing to this project as easy and transparent as possible. You can find the full guidelines here.

Community

Please reach out for any questions or issues via our Github Discussions.

Alternatively you can:

  • Raise an issue or PR on this repo
  • Follow us on Twitter @ondat_io

Roadmap

You can view our project board here.

License

Trousseau is under the Apache 2.0 license. See LICENSE file for details.

Directories

Path Synopsis
cmd
internal
providers
awskms Module
azurekms Module
debug Module
vault Module
proxy module
trousseau module

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL