You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As a member of an SRE or Infrastructure team, I would like to use an automated workflow capability to update my PKI for supporting the Connaisseur feature set, our platform of choice is RunDeck. Rundeck provides plugin capabilities for provisioning and running jobs, a similar plugin could be used for Backstage to grow the base of interest in this toolset.
Optional: Implementation ideas
Given that rundeck and backstage have plugins for Vault, we can create a plugin that may or may not be dependent on a public key change - the automation would modify the keys configured in the helm chart, update/tag the helm chart (per a set of configuration settings) and redeploy Connaisseur to account for the public key change (or additional index/key configuration). Thus, when someone changes a key, the dependency that Connaisseur had on the key is taken care of through this plugin integration.
Optional: Additional context
Many companies are examining two serious considerations
an automated workflow engine for infrastructure configuration, automation, and maintenance of artifacts - they have so many touch points to consider when changing a key (for whatever reason) that its vital to eliminate those dependencies through automation.
Companies are unaware of the dangers of not enabling the k8s admission/rejection capability - as more awareness grows of the security threat, Connaisseur will be a key component of any teams' CICD Workflow
The text was updated successfully, but these errors were encountered:
As a member of an SRE or Infrastructure team, I would like to use an automated workflow capability to update my PKI for supporting the Connaisseur feature set, our platform of choice is RunDeck. Rundeck provides plugin capabilities for provisioning and running jobs, a similar plugin could be used for Backstage to grow the base of interest in this toolset.
Optional: Implementation ideas
Given that rundeck and backstage have plugins for Vault, we can create a plugin that may or may not be dependent on a public key change - the automation would modify the keys configured in the helm chart, update/tag the helm chart (per a set of configuration settings) and redeploy Connaisseur to account for the public key change (or additional index/key configuration). Thus, when someone changes a key, the dependency that Connaisseur had on the key is taken care of through this plugin integration.
Optional: Additional context
Many companies are examining two serious considerations
The text was updated successfully, but these errors were encountered: