binbashar / le-tf-infra-aws

Terraform code for Leverage Reference Architecture for AWS, designed under optimal configs for the most popular modern web and mobile applications needs.
https://www.binbash.co/leverage
Apache License 2.0

Feature | Add a reference implementation for secrets-manager in the k8s-eks-demoapps #500

Closed exequielrafaela closed 1 year ago

exequielrafaela commented 1 year ago

Describe the Feature

This feature request is for adding support for a reference implementation for secrets-manager in the k8s-eks-demoapps stack.

Demo Apps:

Expected Behavior

The expected behavior is that the k8s-eks-demoapps stack will have built-in support for AWS secrets management via a reference implementation of the external-secrets K8s controller.

Use Case

Many Kubernetes (k8s) users are looking for a simple and effective way to manage their application secrets. While Kubernetes provides some basic support for secrets management, many users prefer to use a third-party secrets manager, such as Hashicorp Vault or AWS Secrets Manager.

This feature request is related to a problem/challenge faced by k8s users who want to implement a secrets manager for their applications running on Kubernetes. Currently, users have to manually configure their secrets manager for their applications, which can be time-consuming and error-prone.

By adding support for a reference implementation of a secrets manager in the Leverage k8s-eks-demoapps stack, users will be able to easily and securely manage their application secrets, reducing the time and effort required to configure their secrets manager.

Describe Ideal Solution

The ideal solution is to add support for a reference implementation of a secrets manager in the k8s-eks-demoapps stack with external-secrets via Terraform + Helm consumed by the demo-apps of our stack. The reference implementation should be easy to configure and use, and should support the most common secrets management use cases, such as storing and retrieving secrets, updating / rotating secrets (to review since we favour updating these secrets from the AWS Web Console or AWS CLI manually after they have a PLACEHOLDER deployed via Terraform Layer), and auditing secret access.

The reference implementation should also be modular, so that users can easily swap it out for a different secrets manager if desired. For this iteration let's please focus only on the reference implementation based on AWS Secrets Manager. Maybe another popular secrets manager like Hashicorp Vault could be considered in the future.

Additional Context

Currently, the k8s-eks-demoapps stack does not have built-in support for secrets management. This feature request is intended to address this gap by adding support for a reference implementation of a secrets manager in the stack.
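Terraform sketch of the pattern described in this request (a placeholder secret owned by the Terraform layer and later updated out-of-band, plus the external-secrets controller installed via Helm with an IRSA role that can read only the demo-apps secrets). This is an added example, not code from le-tf-infra-aws or from PR #503; the resource names, the secret path and the `var.eks_oidc_provider_*` inputs are assumptions.

```hcl
# Added example, not code from le-tf-infra-aws; names, the secret path and the
# OIDC variables are hypothetical.
# Placeholder secret: Terraform creates it, operators set the real value later
# from the AWS Console/CLI; ignore_changes stops Terraform from reverting it.
resource "aws_secretsmanager_secret" "demoapp" {
  name = "demoapps/demoapp/db"
}
resource "aws_secretsmanager_secret_version" "placeholder" {
  secret_id     = aws_secretsmanager_secret.demoapp.id
  secret_string = jsonencode({ username = "PLACEHOLDER", password = "PLACEHOLDER" })
  lifecycle { ignore_changes = [secret_string] }
}
# IRSA role for the controller's service account: read access to demoapps/* only.
resource "aws_iam_role" "eso" {
  name = "external-secrets-demoapps"
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect    = "Allow"
      Action    = "sts:AssumeRoleWithWebIdentity"
      Principal = { Federated = var.eks_oidc_provider_arn }
      Condition = { StringEquals = {
        "${var.eks_oidc_provider_url}:sub" = "system:serviceaccount:external-secrets:external-secrets"
      } }
    }]
  })
}
resource "aws_iam_role_policy" "eso_read" {
  role = aws_iam_role.eso.id
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect   = "Allow"
      Action   = ["secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret"]
      Resource = "arn:aws:secretsmanager:*:*:secret:demoapps/*"
    }]
  })
}
# external-secrets controller via Helm, its service account bound to the role.
resource "helm_release" "external_secrets" {
  name             = "external-secrets"
  repository       = "https://charts.external-secrets.io"
  chart            = "external-secrets"
  namespace        = "external-secrets"
  create_namespace = true
  set {
    name  = "serviceAccount.annotations.eks\\.amazonaws\\.com/role-arn"
    value = aws_iam_role.eso.arn
  }
}
```

The `SecretStore`/`ExternalSecret` manifests that map `demoapps/demoapp/db` into a Kubernetes Secret for the demo app are applied separately; with the policy above the controller cannot read secrets outside the `demoapps/` prefix.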

exequielrafaela commented 1 year ago

https://github.com/binbashar/le-tf-infra-aws/pull/503