secrets-manager
secrets-manager copied to clipboard
vmware-tanzu
VMware Secrets Manager for Cloud-Native Apps is a lightweight secrets manager to protect your sensitive data. It’s perfect for edge deployments where energy and footprint requirements are strict—See m...
For the K8s secrets created by Vsecm, add ``` annotations: app.kubernetes.io/managed-by= ``` as a marker to know this secret is created by VsecM
there are various backoff algorithms in the codebase determine all of them rewrite them to use https://pkg.go.dev/github.com/cenkalti/backoff/v4 it’s better to rely on a tried and tested algorithm than using our...
right now, a secret can have multiple namespace associations, but the namespaces are never validated during Fetch() Fetch() shoudld ensure that secrets can only be delivered to workloads that have...
VSecM high-trust mode: Use a PKCS#11 interface to store VSecM root keys in a hardware security module and keep secrets encrypted (even in memory). When a workload requires a secret...
kind: VSecMSecret VSecM shall create a kind:Secret with all the labels and annotations that a secret may have. For that maybe we’ll need a kind VSecmSecret safe -s "gen:{json}" --k8s-secret...
think about a way to securely share root key material across vsecm instances in different clusters
Metadata
Owner
Metadata
VMware Secrets Manager for Cloud-Native Apps is a lightweight secrets manager to protect your sensitive data. It’s perfect for edge deployments where energy and footprint requirements are strict—See m...