Bank-Vaults is a Vault swiss-army knife: a K8s operator, Go client with automatic token renewal, automatic configuration, multiple unseal options and more. A CLI tool to init, unseal and configure Vault (auth methods, secret engines). Direct secret injection into Pods.
Bank-Vaults provides the following tools for Hashicorp Vault to make its use easier and more automated:
- A Kubernetes operator for provisioning secrets.
- A mutating webhook for injecting secrets.
- A CLI tool to automatically initialize, unseal, and configure Vault with authentication methods and secret engines.
- A Go client wrapper for the official Vault client with automatic token renewal, built-in Kubernetes support, and a dynamic database credential provider.
The package also includes Helm charts for installing the various components, and a collection of scripts to support advanced features (for example, dynamic SSH).
First step 🔗︎
- If you are new to Bank-Vaults, begin with the getting started guide, or read some of the the Bank-Vaults related blogposts.
- If you need help using Bank-Vaults, see the Support page for ways to contact us.