Skip to content

Venafi enterprise components for Kubernetes

Kubernetes components include:

Component Description Latest version
Approver Policy Approver Policy is a cert-manager approver that approves or denies certificate requests based on policies defined in the certificate request policy custom resource. v0.14.1 May 13, 2024
Approver Policy Enterprise Approver Policy Enterprise is the enterprise version of the Approver Policy tool. It enables you to apply certificate policies by connecting your Kubernetes cluster to Venafi Control Plane. v0.17.1 June 12, 2024
cert-manager CSI driver cert-manager CSI driver is a storage plugin that is deployed into your Kubernetes cluster that can honor volume requests specified on Pods. v0.8.1 May 13, 2024
cert-manager CSI driver for SPIFFE CSI driver for SPIFFE (Secure Production Identity Framework for Everyone) is a Container Storage Interface (CSI) driver plugin for Kubernetes, designed to work alongside cert-manager to deliver SPIFFE SVIDs (SPIFEE Verifiable Identity Documents), in the form of X.509 certificate key pairs, to mounting Kubernetes Pods. v0.6.0 May 16, 2024
cert-manager An enterprise distribution of cert-manager. The component adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies obtaining, renewing, and using certificates. v1.15.0 June 5, 2024
Firefly Firefly is a high performing, lightweight micro-service for issuing machine identities quickly and with no dependencies. Firefly fits well within globally distributed application architectures, and provides high-speed/high-volume certificate issuance capacity with enterprise trust and policy enforcement. For more information, see Firefly overview. v1.3.4 April 16, 2024
Istio CSR driver Istio CSR is an agent that allows you to secure Istio workload and control plane components using cert-manager. v0.9.0 May 13, 2024
Trust Manager Trust Manager is a tool that manages trust bundles in Kubernetes and OpenShift clusters. Trust Manager is a small Kubernetes operator that helps reduce the overhead of managing TLS trust bundles in your clusters. v0.11.0 June 3, 2024
Venafi Connection Venafi Connection is used to ensure the proper authentication between your Kubernetes clusters and Venafi Control Plane. It offers flexible authentication mechanisms such as bearer tokens or OIDC. v0.1.0 May 15, 2024
Venafi Enhanced Issuer Venafi Enhanced Issuer is a cert-manager issuer that can be either cluster-wide or per namespace. This component enables your clusters to issue certificates from Venafi Control Plane. v0.14.0 May 17, 2024
Venafi Control Plane Operator Venafi Control Plane Operator is a Kubernetes operator for Red Hat OpenShift that is designed to assist customers in installing Venafi cluster components, including cert-manager, Venafi Enhanced Issuer, and Firefly. v1.1.0 June 14, 2024
Venafi Kubernetes Agent The Venafi Kubernetes Agent gathers data for machine identities and other Kubernetes resources, such as ingresses, from Kubernetes clusters connected to Venafi Control Plane. The agent regularly connects to Venafi Control Plane to transmit the collected data for evaluation. After the evaluation, you can view the current status of certificates, ingresses, and cert-manager components in Venafi Control Plane. v0.1.48 May 14, 2024
Venafi Kubernetes Manifest The Venafi Kubernetes Manifest feature in the Venafi CLI is a powerful command-line utility that streamlines the installation of Venafi Kubernetes components in clusters. The Venafi Kubernetes Manifest tool is released in concert with, and installed as part of, the Venafi CLI tool. v1.11.0 June 6, 2024

Next steps

If you operate any of the Venafi Kubernetes components, you should read the following help pages as they provide essential information for installing, upgrading, backing up, and monitoring the Venafi enterprise components for Kubernetes.