Kubernetes Secrets Store CSI Driver

Secrets Store CSI Driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via aContainer Storage Interface (CSI) volume.

The Secrets Store CSI Driversecrets-store.csi.k8s.io allows Kubernetes to mount multiple secrets, keys, and certs stored in enterprise-grade external secrets stores into their pods as a volume. Once the Volume is attached, the data in it is mounted into the container’s file system.

Want to help?

Join us to help define the direction and implementation of this project!

• Join the#csi-secrets-store channel onKubernetes Slack.
• Join theMailing list to receive notifications for releases, security announcements, etc.
• UseGitHub Issues to file bugs, request features, or ask questions asynchronously.
• Joinbiweekly community meetings to discuss development, issues, use cases, etc.

Project Status

SeeRelease Managementfor additional details on versioning. We aim to release a new minor version every month and intend to support the latest2 minor versions of the driver.

Features

Driver Core Functionality (Stable)

• Multiple externalsecrets store providers
• Pod portability with theSecretProviderClassCustomResourceDefinition
• Mounts secrets/keys/certs to pod using a CSI Inline volume
• Mount multiple secrets store objects as a single volume
• Linux and Windows containers

Alpha Functionality

These features are not stable. If you use these be sure to consult theupgrade instructions with each upgrade.

• Auto rotation of mounted contents and synced Kubernetes secret
• Sync with Kubernetes Secrets

Supported Providers

• Akeyless Provider
• AWS Provider
• Azure Provider
• Conjur Provider
• GCP Provider
• Vault Provider