Kubernetes Secrets Store CSI Driver
Secrets Store CSI Driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via aContainer Storage Interface (CSI) volume.
The Secrets Store CSI Driversecrets-store.csi.k8s.io allows Kubernetes to mount multiple secrets, keys, and certs stored in enterprise-grade external secrets stores into their pods as a volume. Once the Volume is attached, the data in it is mounted into the container’s file system.
Want to help?
Join us to help define the direction and implementation of this project!
- Join the#csi-secrets-store channel onKubernetes Slack.
- Join theMailing list to receive notifications for releases, security announcements, etc.
- UseGitHub Issues to file bugs, request features, or ask questions asynchronously.
- Joinbiweekly community meetings to discuss development, issues, use cases, etc.
Project Status
| Driver | Compatible Kubernetes | secrets-store.csi.x-k8s.io Versions |
|---|---|---|
| v1.4.0 | 1.19+ | v1,v1alpha1 [DEPRECATED] |
| v1.3.4 | 1.19+ | v1,v1alpha1 [DEPRECATED] |
SeeRelease Managementfor additional details on versioning. We aim to release a new minor version every month and intend to support the latest2 minor versions of the driver.
Features
Driver Core Functionality (Stable)
- Multiple externalsecrets store providers
- Pod portability with the
SecretProviderClassCustomResourceDefinition - Mounts secrets/keys/certs to pod using a CSI Inline volume
- Mount multiple secrets store objects as a single volume
- Linux and Windows containers
Alpha Functionality
These features are not stable. If you use these be sure to consult theupgrade instructions with each upgrade.
- Auto rotation of mounted contents and synced Kubernetes secret
- Sync with Kubernetes Secrets