(2)
AWS Private CA is an AWS service that can setup and manage private CAs, as well as issue private certificates.
12h
50K+
Envoy Rate Limit Service (ratelimit) is a Go/gRPC service that provides centralized rate limiting for Envoy and other proxies.
12h
50K+
The Kyverno Policy Reporter watches for PolicyReport Resources. It creates Prometheus Metrics and can send rule validation events to different targets like Loki, Elasticsearch, Slack or Discord
6h
50K+
Keycloak is a high performance Java-based identity and access management solution. It lets developers add an authentication layer to their applications with minimum effort.
6h
50K+
OpenBao provides a solution to manage, store, and distribute sensitive data, including secrets, certificates, and keys
6h
50K+
Sealed Secrets is a Kubernetes controller and tool for one-way encrypted Secrets.
6h
50K+
node-collector gathers file system and process information from Kubernetes cluster nodes for CIS benchmark compliance checking.
12h
50K+
This project signs and proxies HTTP requests with Sigv4
6h
50K+
Certificate Authority for the Hyperledger Fabric blockchain network
12h
50K+
2
Kubernetes controller that synchronizes Azure Key Vault secrets, certificates, and keys into native Kubernetes Secrets via the AzureKeyVaultSecret CRD.
12h
10K+
Kyverno Reports server provides a scalable solution for storing policy reports and cluster policy reports.
6h
10K+
A Kubernetes admission controller to integrate container image signature verification and trust pinning into a cluster.
6h
10K+
Packages Gatekeeper Custom Resource Definitions and kubectl for deploying OPA-based policy enforcement on Kubernetes.
6h
10K+
Kyverno reports server provides a scalable solution for storing policy reports and cluster policy reports.
6h
10K+
EFF's ACME client for obtaining and renewing TLS certificates from Let's Encrypt and any ACME-compatible CA.
6h
10K+
2
A trust manager package image that provides Debian CA certificates for use as an init container with cert-manager trust-manager.
12h
10K+
Tool that retrieves and manages SVIDs on behalf of a workload via the SPIFFE Workload API.
6h
10K+
Kubeseal is the client side tool for Sealed Secrets to encrypt secrets.
6h
10K+
Kubernetes-native security toolkit that leverages Trivy to continuously scan your Kubernetes cluster for security issues.
12h
10K+
Apache APISIX is a dynamic, real-time, high-performance API Gateway.
12h
10K+
Calico command-line tool (calicoctl) for managing Calico network and security configuration in Kubernetes.
12h
10K+
Pinniped CLI is a command-line utility for interacting with Pinniped
12h
10K+
Cloud-native, platform-agnostic, scalable API Gateway with plugin ecosystem for authentication, rate limiting, and observability. Supports REST, GraphQL, gRPC, and WebSocket protocols with DB-less and declarative configuration modes.
12h
10K+
6
Kubernetes CSI driver that injects the SPIFFE Workload API socket into workload pods as an ephemeral inline volume.
6h
10K+
Cloud native Identity & Access Proxy (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests.
12h
10K+
Calico aggregated API server that exposes projectcalico.org APIs through the Kubernetes API aggregation layer.
6h
10K+
Calico Whisker provides a web UI to view network flows in Kubernetes clusters.
12h
10K+
Calico fan-out proxy that scales access to the Calico datastore for large clusters.
12h
10K+
Mounts secrets, keys, and certificates from external stores (AWS Secrets Manager, Azure Key Vault, GCP Secret Manager, HashiCorp Vault) into Kubernetes pods as files via the CSI volume API.
12h
10K+