The Vault DB Injector relies on the database engine from Vault to generate credentials, distribute them to Kubernetes applications and handle their lifecycle.
- Generate credentials through Vault Database Engine
- Distribute credentials to workload using annotations and Kubernetes mutating webhook
- Renew credentials when necessary
- Revoke credentials when application pod is deleted
Checkout the Vault DB Injector documentation for more informations.
Contributions to the vault-db-injector are welcome. Please submit your pull requests or issues to the project's GitLab repository.
Here you can find a comparison with many vault injector projects : Comparaison
Special thanks to the contributors and maintainers of the project.