Injecting secrets to K8s pods via a sidecar
Akeyless Kubernetes plugin enables containerized applications to leverage static and dynamic secrets sourced from Akeyless Vault. This plugin leverages the Kubernetes Mutating Admission Webhook to intercept and augment specifically annotated pod configuration for secrets injection using Init and Sidecar containers.
Applications need only concern themselves with finding a secret at a filesystem path, rather than managing tokens, connecting to an external API, or other mechanisms for direct interaction with secrets management system.
Sidecar container fetches secrets before an application starts, i.e. to be used by a web application that is using dynamic secrets to connect to a database with an expiring lease.
Akeyless aims to continue expanding support for K8s, and providing you a variety of options around how you can leverage Akeyless Vault to securely introduce secrets into your workflow.
For practical use of the Kubernetes plugin follow the
How to: Provision Secret to your K8s guide
Updated 6 months ago