Venafi enterprise components for Kubernetes¶
Kubernetes components include:
| Component | Description | Latest version |
|---|---|---|
| Approver Policy | Approver Policy is a cert-manager approver that approves or denies certificate requests based on policies defined in the certificate request policy custom resource. | v0.14.1 May 13, 2024 |
| Approver Policy Enterprise | Approver Policy Enterprise is the enterprise version of the Approver Policy tool. It enables you to apply certificate policies by connecting your Kubernetes cluster to Venafi Control Plane. | v0.17.2 July 11, 2024 |
| cert-manager CSI driver | cert-manager CSI driver is a storage plugin that is deployed into your Kubernetes cluster that can honor volume requests specified on Pods. | v0.10.0 July 22, 2024 |
| cert-manager CSI driver for SPIFFE | CSI driver for SPIFFE (Secure Production Identity Framework for Everyone) is a Container Storage Interface (CSI) driver plugin for Kubernetes, designed to work alongside cert-manager to deliver SPIFFE SVIDs (SPIFEE Verifiable Identity Documents), in the form of X.509 certificate key pairs, to mounting Kubernetes Pods. | v0.8.0 July 22, 2024 |
| cert-manager | An enterprise distribution of cert-manager. The component adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies obtaining, renewing, and using certificates. | v1.15.1 June 26, 2024 |
| Firefly | Firefly is a high-performing, lightweight micro-service that issues machine identities quickly and with no dependencies. Firefly fits well within globally distributed application architectures, and provides high-speed/high-volume certificate issuance capacity with enterprise trust and policy enforcement. For more information, see Firefly overview. | v1.4.2 July 22, 2024 |
| Istio CSR driver | Istio CSR is an agent that allows you to secure Istio workload and control plane components using cert-manager. | v0.10.0 July 18, 2024 |
| Trust Manager | Trust Manager is a tool that manages trust bundles in Kubernetes and OpenShift clusters. Trust Manager is a small Kubernetes operator that helps reduce the overhead of managing TLS trust bundles in your clusters. | v0.12.0 July 19, 2024 |
| Venafi Connection | Venafi Connection is used to ensure the proper authentication between your Kubernetes clusters and Venafi Control Plane. It offers flexible authentication mechanisms such as bearer tokens or OIDC. | v0.1.0 May 15, 2024 |
| Venafi Enhanced Issuer | Venafi Enhanced Issuer is a cert-manager issuer that can be either cluster-wide or per namespace. This component enables your clusters to issue certificates from Venafi Control Plane. | v0.14.0 May 17, 2024 |
| Venafi Control Plane Operator | Venafi Control Plane Operator is a Kubernetes operator for Red Hat OpenShift that is designed to assist customers in installing Venafi cluster components, including cert-manager, Venafi Enhanced Issuer, and Firefly. | v1.1.1 July 4, 2024 |
| Venafi Kubernetes Agent | The Venafi Kubernetes Agent gathers data for machine identities and other Kubernetes resources, such as ingresses, from Kubernetes clusters connected to Venafi Control Plane. The agent regularly connects to Venafi Control Plane to transmit the collected data for evaluation. After the evaluation, you can view the current status of certificates, ingresses, and cert-manager components in Venafi Control Plane. | v0.1.49 July 11, 2024 |
| Venafi Kubernetes Manifest | The Venafi Kubernetes Manifest feature in the Venafi CLI is a powerful command-line utility that streamlines the installation of Venafi Kubernetes components in clusters. The Venafi Kubernetes Manifest tool is released in concert with, and installed as part of, the Venafi CLI tool. | v1.12.0 July 16, 2024 |
Next steps¶
If you operate any of the Venafi Kubernetes components, you should read the following help pages as they provide essential information for installing, upgrading, backing up, and monitoring the Venafi enterprise components for Kubernetes.