Trousseau Open Source Project Adds Secrets Management To Kubernetes

Trousseau’s open source project software is now available, delivering a new level of simplicity for Kubernetes users. Secrets management can now be added to Kubernetes along with support for any key management encryption, starting with HashiCorp Vault.

Trousseau uses Kubernetes etcd to store API object definitions and states. The Kubernetes secrets are shipped into the etcd key-value store database using an in-flight envelope encryption scheme with a remote transit key saved in a KMS. Secrets protected and encrypted with Trousseau and its native Kubernetes integration can connect with a key management system to secure database credentials, a configuration file or TLS (Transport Layer Security) certificate that contains critical information and is easily accessible by an application using the standard Kubernetes API primitives.

With Trousseau, any user/workload can leverage the native Kubernetes way to store and access secrets in a safe way by plugging into any KMS provider, like Hashicorp Vault (Community and Enterprise editions), using the Kubernetes KMS provider framework. No additional changes or new skills are required. It’s also possible to transition among Kubernetes platforms using the consistent Kubernetes API.

Trousseau is currently being rolled out in a production customer implementation on Suse Rancher Kubernetes Engine 2 leveraging Ondat as the data management platform, along with Hashicorp Vault.

You may also like

Red Hat’s Automated policy as code to help drive policy-specific automation across hybrid cloud

StarTree Cloud adds new observability and anomaly detection capabilities

SPDX 3.0 now supports SBOMs for AI applications

StarTree adds observability and anomaly detection capabilities to StarTree Cloud

Situational Awareness is key to implementing an effective cybersecurity strategy

Red Hat Lightspeed to expand GenAI capabilities across hybrid cloud portfolio