Kubernetes Secrets Store CSI Driver
Secrets Store CSI Driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a Container Storage Interface (CSI) volume.
The Secrets Store CSI Driver secrets-store.csi.k8s.io allows Kubernetes to mount multiple secrets, keys, and certs stored in enterprise-grade external secrets stores into their pods as a volume. Once the Volume is attached, the data in it is mounted into the container’s file system.
Want to help?
Join us to help define the direction and implementation of this project!
- Join the #csi-secrets-store channel on Kubernetes Slack.
- Join the Mailing list to receive notifications for releases, security announcements, etc.
- Use GitHub Issues to file bugs, request features, or ask questions asynchronously.
- Join biweekly community meetings to discuss development, issues, use cases, etc.
Project Status
| Driver | Compatible Kubernetes | secrets-store.csi.x-k8s.io Versions |
|---|---|---|
| v1.4.0 | 1.19+ | v1, v1alpha1 [DEPRECATED] |
| v1.3.4 | 1.19+ | v1, v1alpha1 [DEPRECATED] |
See Release Management for additional details on versioning. We aim to release a new minor version every month and intend to support the latest 2 minor versions of the driver.
Features
Driver Core Functionality (Stable)
- Multiple external secrets store providers
- Pod portability with the
SecretProviderClassCustomResourceDefinition - Mounts secrets/keys/certs to pod using a CSI Inline volume
- Mount multiple secrets store objects as a single volume
- Linux and Windows containers
Alpha Functionality
These features are not stable. If you use these be sure to consult the upgrade instructions with each upgrade.
- Auto rotation of mounted contents and synced Kubernetes secret
- Sync with Kubernetes Secrets