Add Hashicorp Vault provider #363
Comments
|
Thanks for taking this initiative! Currently users have the option of using vault-env and we need to decide how murmur positions itself compared to the alternatives. Do users want murmur to be a simpler alternative to vault-env? Do they want murmur to support Vault's advanced features like dynamic secrets and the many authentication options? Please everyone, let us know what you think. Your comments will impact what murmur becomes :) |
|
I'm not finding a whole lot of documentation or examples on using banzaicloud's vault-env as a standalone. The best example I've found so far is this blog post. My current understanding is it requires installing one or two operators onto the cluster with custom annotations on the deployments/pods. If that is incorrect, there's not an easy place to find documentation on the functionality. There's possibility for something lighter and simpler, that doesn't require any operators. It would reduce maintenance costs by not having the operator(s). Also, a few solid examples and users could get up and running much quicker. The companies I've worked at primarily used vault as a kv store. As for authentication options, I think starting with using the pod's service account credentials would be consistent with the other providers. Maybe if a token environment variable were present, that could be used instead for local testing. |
busser
added
enhancement
To track interest and discussion on adding a vault provider.
The text was updated successfully, but these errors were encountered: