Skip to content

Venafi enterprise components for Kubernetes

Kubernetes components include:

Component Description Latest version
Approver Policy Approver Policy is an cert-manager approver that approves or denies certificate requests based on policies defined in the certificate request policy custom resource. v0.12.1 February 1, 2024
Approver Policy Enterprise Approver Policy Enterprise is the enterprise version of the Approver Policy tool. It enables you to apply certificate policies by connecting your Kubernetes cluster to Venafi Control Plane. v0.13.0 November 29, 2023
cert-manager CSI driver cert-manager CSI driver is a storage plugin that is deployed into your Kubernetes cluster that can honor volume requests specified on Pods. v0.7.1 February 23, 2024
cert-manager CSI driver for SPIFFE CSI driver for SPIFFE (Secure Production Identity Framework for Everyone) is a Container Storage Interface (CSI) driver plugin for Kubernetes, designed to work alongside cert-manager to deliver SPIFFE SVIDs (SPIFEE Verifiable Identity Documents), in the form of X.509 certificate key pairs, to mounting Kubernetes Pods. v0.5.0 February 9, 2024
Enterprise cert-manager An enterprise version of cert-manager. The component adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies obtaining, renewing, and using certificates. v1.14.3 February 23, 2024
Firefly Firefly is a high performing, lightweight micro-service for issuing machine identities quickly and with no dependencies. Firefly fits well within globally distributed application architectures, and provides high-speed/high-volume certificate issuance capacity with enterprise trust and policy enforcement. For more information, see Firefly overview. v1.3.2 February 26, 2024
Istio CSR driver Istio CSR is an agent that allows you to secure Istio workload and control plane components using cert-manager. v0.8.1 January 30, 2024
Trust Manager Trust Manager is an tool that manages trust bundles in Kubernetes and OpenShift clusters. Trust Manager is a small Kubernetes operator that helps reduce the overhead of managing TLS trust bundles in your clusters. v0.8.0 January 19, 2024
Venafi Connection Venafi Connection is used to ensure the proper authentication between your Kubernetes clusters and Venafi Control Plane. It offers flexible authentication mechanisms such as bearer tokens or OIDC. v0.0.18 January 23, 2024
Venafi Enhanced Issuer Venafi Enhanced Issuer is a cert-manager issuer that can be either cluster-wide or per namespace. This component enables your clusters to issue certificates from Venafi Control Plane. v0.11.0 November 29, 2023
Venafi Kubernetes Agent The Venafi Kubernetes Agent gathers data for machine identities and other Kubernetes resources, such as ingresses, from Kubernetes clusters connected to Venafi Control Plane. The agent regularly connects to Venafi Control Plane to transmit the collected data for evaluation. After the evaluation, you can view the current status of certificates, ingresses, and cert-manager components in Venafi Control Plane. v0.1.45 February 6, 2024
Venafi Kubernetes Manifest The Venafi Kubernetes Manifest feature in the Venafi CLI is a powerful command-line utility that streamlines the installation of Venafi Kubernetes components in clusters. The Venafi Kubernetes Manifest tool is released in concert with, and installed as part of, the Venafi CLI tool. v1.6.0 February 23, 2024

Next steps

If you operate any of the Venafi Kubernetes components, you should read the following help pages as they provide essential information for installing, upgrading, backing up, and monitoring the Venafi enterprise components for Kubernetes.