Banzai Cloud is now part of Cisco

Banzai Cloud Logo Close
Home Products Benefits Blog Company Contact

Bank-Vaults

The Vault Swiss Army knife, which makes enterprise-grade security attainable on Kubernetes. It has many 'blades' that cut through the security problem: the Bank-Vaults operator provides automation; a Go client with automatic token renewal that provides dynamic secret generation, multiple unseal options and more; a CLI tool to initialize, unseal and configure Vault with authentication methods and secret engines; and direct secret injection into Pods to reduce the attack surface.

Bank-Vaults
Automation

Automates the entire Vault lifecycle in your Kubernetes clusters.

Flexibility

Provides seamless integration with non-Vault-aware applications without storing the decrypted secret anywhere.

Security

Vault is the de-facto standard for secret management in cloud native environments.

Details
Bank-Vaults

Bank-Vaults provides various tools for Hashicorp Vault to make its use easier:

A wrapper for the official Vault client with automatic token renewal, built in Kubernetes support, and a dynamic database credential provider.

A CLI tool to automatically initialize, unseal and configure Vault.

A Kubernetes operator for provisioning, and a mutating webhook for injecting secrets.

Bank-Vaults can be used as a CLI tool or accessed from code through a Golang library (supporting OAuth2 tokens, K8s auth, Vault operator, dynamic secrets, cloud credential storage, etc.). The package also includes a Helm chart for a HA cluster, operator, mutating webhook and a collection of scripts to support advanced features (dynamic SSH, etc.).

  • Automation
  • Flexibility
  • Security
Dig deeper in our Blog
Bank-Vaults on ARM and recent features

We had quite a few Bank-Vaults releases recently where new features arrived in the webhook and operator. This is no …

Read more
Multi-cluster testing with kind and MetalLB

Distributed applications Distributed applications have many definitions, but typically they are defined as …

Read more
OIDC issuer discovery for Kubernetes service accounts

Applications running in Kubernetes Pods are authenticated against the Kubernetes API with their corresponding …

Read more