AppsCode
  • KubeDB

    Run Production-Grade Databases on Kubernetes

    arrow_forward
    Stash

    Backup and Recovery Solution for Kubernetes

    arrow_forward
    KubeVault

    Run Production-Grade Vault on Kubernetes

    arrow_forward
    Voyager

    Secure HAProxy Ingress Controller for Kubernetes

    arrow_forward
    KubeDB

    KubeDB simplifies Provision, Upgrade, Scaling, Volume Expansion, Monitor, Backup, Restore for various Databases in Kubernetes on any Public & Private Cloud

    • task_altLower administrative burden
    • task_altNative Kubernetes Support
    • task_altPerformance
    • task_altAvailability and durability
    • task_altManageability
    • task_altCost-effectiveness
    • task_altSecurity
    Stash

    A complete Kubernetes native disaster recovery solution for backup and restore your volumes and databases in Kubernetes on any public and private clouds.

    • task_altDeclarative API
    • task_altBackup Kubernetes Volumes
    • task_altBackup Database
    • task_altMultiple Storage Support
    • task_altDeduplication
    • task_altData Encryption
    • task_altVolume Snapshot
    • task_altPolicy Based Backup
    KubeVault

    KubeVault is a Git-Ops ready, production-grade solution for deploying and configuring Hashicorp's Vault on Kubernetes.

    • task_altVault Kubernetes Deployment
    • task_altAuto Initialization & Unsealing
    • task_altVault Backup & Restore
    • task_altConsume KubeVault Secrets with CSI
    • task_altManage DB Users Privileges
    • task_altStorage Backend
    • task_altAuthentication Method
    • task_altDatabase Secret Engine
    Voyager

    Secure HAProxy Ingress Controller for Kubernetes

    • task_altHTTP & TCP
    • task_altSSL
    • task_altPlatform support
    • task_altHAProxy
    • task_altPrometheus
    • task_altLet's Encrypt
  • Guard

    Kubernetes Authentication WebHook Server

    • task_altIdentity Providers
    • task_altCLI
    • task_altRBAC
    Kubed

    Kubernetes cluster manager daemon

    • task_altDisaster Recovery
    • task_altEvent Forwarder
    • task_altConfiguration Syncer
    • task_altRecycle Bin
    • task_altEvent Notifiers
    • task_altJanitor
  • Webinar New
CONTACT SALES
KubeVault KubeVault
github-icon twitter-icon

We use cookies and other similar technology to collect data to improve your experience on our site, as described in our Privacy Policy.

AWS Secret Engine

KubeVault lets you enable and configure AWS Secret Engine. You can create Secret containing the AWS credentials and also create RBAC Role and RoleBinding.

TRY NOW FREE GET IN TOUCH
$ helm repo add appscode https://charts.appscode.com/stable/
$ helm repo update
$ helm install kubevault appscode/kubevault \
--version v2023.9.7 \
--namespace kubevault --create-namespace \
--set-file global.license=/path/to/the/license.txt
Enable and Configure Secret Engine

Enable and Configure Secret Engine

Secrets Engines are components which store, generate, or encrypt data. Secrets Engines are incredibly flexible, so it is easiest to think about them in terms of their function. Secrets Engines are provided with some set of data, they take some action on that data, and they return a result. KubeVault lets you enable & configure AWS Secret Engine in a Kubernetes native way.

Role

In a Secret Engine, a role describes an identity with a set of permissions, groups, or policies you want to attach to a user of the Secret Engine. KubeVault operator lets you create AWSRole in a Secret Engine.

Role
Secret Access Request

Secret Access Request

A SecretAccessRequest is a Kubernetes CustomResourceDefinition (CRD) which allows a user to request a Vault server for credentials in a Kubernetes native way. A SecretAccessRequest can be created under AWSRole that can be enabled in a SecretEngine. KubeVault operator lets you manage your DB user privileges with dynamic secrets rather than hard-coded credentials using SecretAccessRequest. This means that services that need to access a database no longer need to hardcode credentials.

Secret Role Binding

A SecretRoleBinding is a Kubernetes CustomResourceDefinition (CRD) which allows a user to bind a set of roles to a set of users. Using the SecretRoleBinding it’s possible to bind AWSRole to Kubernetes ServiceAccounts. This way is more machine friendly and convenient for running your application with specific permissions.

Secret Role Binding

What They Are Talking About us

Trusted by top engineers at the most ambitious companies

InterSystems was delighted to engage with AppsCode in the delicate, yet fundamental task of supporting durable, non-ephemeral workloads with Kubernetes. We needed the best-prepared, most-proficient database operator consulting in the industry. Given AppsCode's pedigree of database building operators, the decision was easy. No time was wasted and all objectives reached in an amazingly short period of time. I would recommend AppsCode consulting for any Kubernetes related work.

Voyager made it simple and efficient for us to protect and initiate our bare metal Kubernetes workload. Its underlying technology and extensive L4 support along with seamless SSL integration is what made us choose Voyager over others. Voyager team is also very responsive when it comes to support. Great product!

Voyager is the easiest way to use the fast and reliable HAProxy as our ingress controller. At PriceHubble, it is the corner-stone of our blue/green deployments.

I work with a few Kubernetes clusters and we use Voyager as our preferred ingress controller. We really like the ease of configuration. Documentation is pretty good. Also the use of HaProxy is important for us because it works really well with both L4 and L7 load balancing. One of our TCP services, Wayk Now, is able to withstand thousands of persistent connections very smoothly at the same time.

We really like using Voyager. Its straightforward and well-documented config and SSL (especially Let's Encrypt) has made our migration of services to Kubernetes a breeze. Each major version has been a very welcome update!

We're using Voyager as part of most Astarte deployments and it's orchestrated also by our brand new Operator. We are glad to showcase that.

Run Production-Grade Vault on Kubernetes FREE !

KubeVault community edition is FREE to use on any supported Kubernetes engines. There is no up-front investment required. We offer a 30 days license FREE of cost to try KubeVault Enterprise edition.

TRY NOW FREE GET IN TOUCH