kamus - An open source, git-ops, zero-trust secret encryption and decryption solution for Kubernetes applications

  •        327

An open source, GitOps, zero-trust secrets encryption and decryption solution for Kubernetes applications. Kamus enables users to easily encrypt secrets that can be decrypted only by the application running on Kubernetes. The encryption is done using strong encryption providers (currently supported: Azure KeyVault, Google Cloud KMS and AES). To learn more about Kamus, check out the blog post and slides. If you're running Kamus locally, the Kamus URL will be like http://localhost:. In that case you need to add the --allow-insecure-url flag to allow the HTTP protocol.

https://kamus.soluto.io
https://github.com/Soluto/kamus

Related Projects

argo-cd - Declarative Continuous Delivery for Kubernetes

  •    Go

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Application definitions, configurations, and environments should be declarative and version controlled. Application deployment and lifecycle management should be automated, auditable, and easy to understand.

sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets

  •    Go

Solution: Encrypt your Secret into a SealedSecret, which is safe to store - even to a public repository. The SealedSecret can be decrypted only by the controller running in the target cluster and nobody else (not even the original author) is able to obtain the original Secret from the SealedSecret. See https://github.com/bitnami-labs/sealed-secrets/releases for the latest release.

kubernetes-external-secrets - 💂 Kubernetes External Secrets

  •    JavaScript

Kubernetes External Secrets allows you to use external secret management systems (e.g., AWS Secrets Manager) to securely add secrets in Kubernetes. Read more about the design and motivation for Kubernetes External Secrets on the GoDaddy Engineering Blog. The project extends the Kubernetes API by adding an ExternalSecrets object using a Custom Resource Definition and a controller to implement the behavior of the object itself.

Otomi - The complete DevOps experience for Kubernetes

  •    Shell

Otomi is an open-source, cloud-agnostic platform that runs on top of Kubernetes to securely deploy, run and manage applications with a desktop-like user interface. Otomi is free, easy to install, and comes with an intuitive desktop-like UI and ready-to-use, pre-configured built-in applications to offer an out-of-the-box experience, just like you would expect from your favorite Linux distribution. After installing Otomi on Kubernetes, you can log in and immediately start deploying and using all the built-in applications.


kube-linter - KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices

  •    Go

KubeLinter analyzes Kubernetes YAML files and Helm charts, and checks them against a variety of best practices, with a focus on production readiness and security. KubeLinter runs sensible default checks, designed to give you useful information about your Kubernetes YAML files and Helm charts. This is to help teams check early and often for security misconfigurations and DevOps best practices. Some common examples of these include running containers as a non-root user, enforcing least privilege, and storing sensitive information only in secrets.

terraform-k8s - Terraform Cloud Operator for Kubernetes

  •    Go

The Terraform Cloud Operator for Kubernetes provides first-class integration between Kubernetes and Terraform Cloud by extending the Kubernetes control plane to enable lifecycle management of cloud and on-prem infrastructure through Kubernetes manifests. Manifests can be deployed and managed using kubectl, Terraform, GitOps tools, or any other tool that allows you to manage Kubernetes custom resources. This operator provides a unified way to manage a Kubernetes application and its infrastructure dependencies through a single Kubernetes CustomResourceDefinition (CRD). After the infrastructure dependencies are created, pertinent information such as endpoints and credentials is returned from Terraform Cloud to Kubernetes.

Devtron - Software Delivery Workflow For Kubernetes

  •    Go

Devtron is designed as a self-serve platform for operationalizing and maintaining applications (AppOps) on Kubernetes in a developer-friendly way. It provides workflows that understand the domain of Kubernetes, testing, CD and SecOps, so that you don't have to write scripts. It supports reusable and composable components so that workflows are easy to construct and reason through. Deploy to multiple Kubernetes clusters.

flux - The GitOps Kubernetes operator

  •    Go

Flux is a tool that automatically ensures that the state of a cluster matches the config in git. It uses an operator in the cluster to trigger deployments inside Kubernetes, which means you don't need a separate CD tool. It monitors all relevant image repositories, detects new images, triggers deployments and updates the desired running configuration based on that (and a configurable policy). The benefits are: you don't need to grant your CI access to the cluster, every change is atomic and transactional, git has your audit log. Each transaction either fails or succeeds cleanly. You're entirely code centric and don't need new infrastructure.

kubefwd - Bulk port forwarding Kubernetes services for local development.

  •    Go

Read Kubernetes Port Forwarding for Local Development for background and a detailed guide to kubefwd. kubefwd is a command line utility built to port forward some or all pods within a Kubernetes namespace. kubefwd uses the same port exposed by the service and forwards it from a loopback IP address on your local workstation. kubefwd temporarily adds domain entries to your /etc/hosts file with the service names it forwards.

devspace - Cloud Native Software Development with Kubernetes and Docker - simply run "devspace up" in any of your projects and start coding directly on top of Kubernetes (works with minikube, self-hosted and cloud-based clusters)

  •    Go

With a DevSpace, you can build, test and run code directly inside any Kubernetes cluster. You can run devspace up in any of your projects and the client-only DevSpace CLI will start a DevSpace within your Kubernetes cluster. Keep coding as usual and the DevSpace CLI will sync any code change directly into the containers of your DevSpace. No more waiting for re-building images, re-deploying containers and restarting applications on every source code change. Simply edit your code with any IDE and run your code instantly inside your DevSpace.

Lens - The Kubernetes IDE

  •    TypeScript

Lens is an IDE designed for those who work with Kubernetes on a daily basis. It lets you explore and navigate Kubernetes clusters without having to learn kubectl commands, and inspect live statistics, events, and log streams in real time. No spinners, refreshing or waiting for screens to update. Using EKS, AKS, GKE, Minikube, Rancher, k0s, k3s, OpenShift...? They all work. Simply import the kubeconfigs for the clusters you want to work with.

origin - Enterprise Kubernetes for Developers

  •    Go

OpenShift Origin is a distribution of Kubernetes optimized for continuous application development and multi-tenant deployment. OpenShift adds developer and operations-centric tools on top of Kubernetes to enable rapid application development, easy deployment and scaling, and long-term lifecycle maintenance for small and large teams. For questions or feedback, reach us on IRC on #openshift-dev on Freenode or post to our mailing list.

kapitan - Generic templated configuration management for Kubernetes, Terraform and other things

  •    Python

Kapitan is a tool to manage complex deployments using jsonnet and jinja2. Use Kapitan to manage your Kubernetes manifests, your documentation, your Terraform configuration or even simplify your scripts.

aws-service-operator - AWS Service Operator allows you to create AWS resources using kubectl.

  •    Go

The AWS Service Operator allows you to manage AWS resources using Kubernetes Custom Resource Definitions. Using the AWS Service Operator enables a GitOps workflow to drive your infrastructure to the desired state, leveraging Kubernetes Custom Resource Definitions (CRD), the Kubernetes internal control loop, and AWS CloudFormation orchestration. Read more about "operators" here.

habitus - A Build Flow Tool for Docker

  •    Go

Habitus adds workflows to Docker build. This means you can create a chain of builds to generate your final Docker image based on a workflow. This is particularly useful if your code is in compiled languages like Java or Go or if you need to use secrets like SSH keys during the build. Habitus is a standalone build flow tool for Docker. It's a command line tool that builds Docker images based on their Dockerfile and a build.yml.

kubeform - Form your :boat: Kubernetes :anchor: cluster anywhere using CoreOS, Terraform and Ansible

  •    Python

Deploy yourself a high-availability Kubernetes cluster, in minutes. Built on Terraform, CoreOS and Ansible. Our recipes for bootstrapping HA Kubernetes clusters on any cloud or on-premise.

kubernetes-vault - Use Vault to store secrets for Kubernetes!

  •    Go

The Kubernetes-Vault project allows pods to automatically receive a Vault token using Vault's AppRole auth backend. To run Kubernetes-Vault on your cluster, follow the quick start guide.

kubernetes - Production-Grade Container Scheduling and Management

  •    Go

Kubernetes is an open source system for managing containerized applications across multiple hosts, providing basic mechanisms for deployment, maintenance, and scaling of applications. Kubernetes builds upon a decade and a half of experience at Google running production workloads at scale using a system called Borg, combined with best-of-breed ideas and practices from the community.
