Aegis is a delightfully-secure Kubernetes-native secrets store.
Aegis keeps your secrets secret.
With Aegis, you can rest assured that your sensitive data is always secure and protected.
Aegis is perfect for securely storing arbitrary configuration information at a central location and securely dispatching it to workloads.
Aegis is a cloud-native secure store for secrets management. It provides a minimal and intuitive API, ensuring practical security without compromising user experience.
Aegis is resilient and secure by default, storing sensitive data in memory and encrypting any data saved to disk.
Endorsed by industry experts, Aegis is a ground-up re-imagination of secrets management, leveraging SPIFFE for authentication and providing a cloud-native way to manage secrets end-to-end.
Before trying Aegis, you might want to learn about its architecture and design goals.
Once you are ready to get started, see the Quickstart guide.
Or, if you are one of those who “learn by doing”, you might want to dig into the implementation details later. If that’s the case, you can directly jump to the fun part and follow the steps here to install Aegis to your Kubernetes cluster.
There are several examples demonstrating Aegis sample use cases inside the ./examples/ folder.
Pre-built container images of Aegis components can be found at: https://hub.docker.com/u/aegishub.
You can also build Aegis from the source.
We publicly track all Aegis plans on a GitHub project. You can check it out to get a glimpse of the current planned features, and what the future of Aegis looks like.
Aegis is under dynamic and progressive development.
The code that we’ve officially signed and released maintains a high standard of stability and dependability. However, we do encourage it to be used in a production environment (at your own risk; see LICENSE).
It’s important to note that, technically speaking, Aegis currently holds the status of alpha software. This simply means that as we journey towards our milestone of v1.0.0, it's possible for changes to occur, both major and minor. While this might mean some aspects are not backward compatible, it's a testament to our unwavering commitment to refining and enhancing Aegis.
In a nutshell, we are ceaselessly pushing the boundaries of what’s possible, while ensuring our software stays dependable and effective for production use.
Official documentation is available on aegis.ist.
We take Aegis’ security seriously. If you believe you have found a vulnerability, please responsibly disclose by contacting [email protected].
Check out this quickstart guide for an overview of Aegis.
Open Source is better together.
If you are a security enthusiast, join Aegis’ Slack Workspace and let us change the world together 🤘.
- Homepage: https://aegis.ist/
- Documentation: https://aegis.ist/docs/
- Changelog: https://aegis.ist/changelog/
- Community: Join Aegis’ Slack Workspace
- Contact: https://aegis.ist/contact/
- Media Kit: https://aegis.ist/media/
- Installation and Quickstart: https://aegis.ist/docs/register/
- Local Development Instructions: https://aegis.ist/docs/contributing/
- Aegis Go SDK: https://aegis.ist/docs/sdk/
- Aegis CLI: https://aegis.ist/docs/sentinel/
- Architectural Deep Dive: https://aegis.ist/docs/architecture/
- Configuration: https://aegis.ist/docs/configuration/
- Design Philosophy: https://aegis.ist/docs/philosophy/
- Production Deployment Tips: https://aegis.ist/production/
Check out this quickstart guide for an overview of Aegis, which also covers installation and uninstallation instructions.
You need a Kubernetes cluster and sufficient admin rights on that cluster to install Aegis.
This tutorial about “Registering Secrets Using Aegis” covers several usage scenarios.
Check out this Aegis Deep Dive article for an overview of Aegis system design and how each component fits together.
Here are the important folders and files in this repository:
- ./app: Contains core Aegis components’ source code.
  - ./app/init-container: Contains the source code for the Aegis Init Container.
  - ./app/safe: Contains the source code for the Aegis Safe.
  - ./app/sentinel: Contains the source code for the Aegis Sentinel.
  - ./app/sidecar: Contains the source code for the Aegis Sidecar.
- ./core: Contains core modules that are shared across Aegis components.
- ./examples: Contains the source code of example use cases.
- ./hack: Contains scripts that are used for building, publishing, development and testing.
- ./k8s: Contains Kubernetes manifests that are used to deploy Aegis and its use cases.
- ./sdk: Contains the source code of the Aegis SDK.
- ./CODE_OF_CONDUCT.md: Contains Aegis Code of Conduct.
- ./SECURITY.md: Contains Aegis Security Policy.
- ./LICENSE: Contains Aegis License.
- ./Makefile: Contains Aegis Makefile that is used for building, publishing, deploying, and testing the project.
We have an article for that too 🙂.
You can find the changelog, and migration/upgrade instructions (if any) on Aegis’ Changelog Page.
You can see the project’s progress in these Aegis boards.
The board outlines the current outstanding work items and what is currently being worked on.
To contribute to Aegis, follow the contributing guidelines to get started.
Use GitHub issues to request features or file bugs.
As of now, I, Volkan Özçelik, am the sole maintainer of Aegis.
Please send your feedback, suggestions, recommendations, and comments to [email protected].
We’d love to have them.