Venafi enterprise components for Kubernetes¶
Kubernetes components include:
| Component | Description | Latest version |
|---|---|---|
| Approver Policy | Approver Policy is an cert-manager approver that approves or denies certificate requests based on policies defined in the certificate request policy custom resource. | v0.13.1 March 26, 2024 |
| Approver Policy Enterprise | Approver Policy Enterprise is the enterprise version of the Approver Policy tool. It enables you to apply certificate policies by connecting your Kubernetes cluster to Venafi Control Plane. | v0.15.0 March 26, 2024 |
| cert-manager CSI driver | cert-manager CSI driver is a storage plugin that is deployed into your Kubernetes cluster that can honor volume requests specified on Pods. | v0.8.0 March 28, 2024 |
| cert-manager CSI driver for SPIFFE | CSI driver for SPIFFE (Secure Production Identity Framework for Everyone) is a Container Storage Interface (CSI) driver plugin for Kubernetes, designed to work alongside cert-manager to deliver SPIFFE SVIDs (SPIFEE Verifiable Identity Documents), in the form of X.509 certificate key pairs, to mounting Kubernetes Pods. | v0.5.0 February 9, 2024 |
| Enterprise cert-manager | An enterprise version of cert-manager. The component adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies obtaining, renewing, and using certificates. | v1.14.4 March 7, 2024 |
| Firefly | Firefly is a high performing, lightweight micro-service for issuing machine identities quickly and with no dependencies. Firefly fits well within globally distributed application architectures, and provides high-speed/high-volume certificate issuance capacity with enterprise trust and policy enforcement. For more information, see Firefly overview. | v1.3.4 April 16, 2024 |
| Istio CSR driver | Istio CSR is an agent that allows you to secure Istio workload and control plane components using cert-manager. | v0.8.1 January 30, 2024 |
| Trust Manager | Trust Manager is an tool that manages trust bundles in Kubernetes and OpenShift clusters. Trust Manager is a small Kubernetes operator that helps reduce the overhead of managing TLS trust bundles in your clusters. | v0.9.2 March 13, 2024 |
| Venafi Connection | Venafi Connection is used to ensure the proper authentication between your Kubernetes clusters and Venafi Control Plane. It offers flexible authentication mechanisms such as bearer tokens or OIDC. | v0.0.20 March 26, 2024 |
| Venafi Enhanced Issuer | Venafi Enhanced Issuer is a cert-manager issuer that can be either cluster-wide or per namespace. This component enables your clusters to issue certificates from Venafi Control Plane. | v0.13.3 March 28, 2024 |
| Venafi Kubernetes Agent | The Venafi Kubernetes Agent gathers data for machine identities and other Kubernetes resources, such as ingresses, from Kubernetes clusters connected to Venafi Control Plane. The agent regularly connects to Venafi Control Plane to transmit the collected data for evaluation. After the evaluation, you can view the current status of certificates, ingresses, and cert-manager components in Venafi Control Plane. | v0.1.47 March 28, 2024 |
| Venafi Kubernetes Manifest | The Venafi Kubernetes Manifest feature in the Venafi CLI is a powerful command-line utility that streamlines the installation of Venafi Kubernetes components in clusters. The Venafi Kubernetes Manifest tool is released in concert with, and installed as part of, the Venafi CLI tool. | v1.8.0 April 5, 2024 |
Next steps¶
If you operate any of the Venafi Kubernetes components, you should read the following help pages as they provide essential information for installing, upgrading, backing up, and monitoring the Venafi enterprise components for Kubernetes.