At Soluto, we're using Kubernetes platform in production for more than a year. One of the challenges we faced is secrets management, which is not a simple task at all (did you experienced similar issues?). Kubernetes Secret object has its own limitations (especially, how to store the manifest files). We also tried various solutions (like Sealed Secrets and Helm Secrets to name a few), but none of them was a good fit for us. We wanted a solution that is:
- GitOps (so it can support our decentralized ops culture)
- Zero trust (once a secret is encrypted, there is no need and no way to decrypt it)
This is why we built Kamus - our secret encryption solution. Kamus let you seamlessly encrypt secrets, that can be decrypted only by the app running in production.
I'll be more than happy to answer any question you might have regarding Kamus, and of course - look forward to hearing your feedback!