Uses a CA loaded from disk to sign SPIRE server intermediate certificates. For events that are happening, the notifier can advise SPIRE server on the outcome.Īn sql database storage for SQLite, PostgreSQL and MySQL databases for the SPIRE datastoreĪ key manager which manages keys in AWS KMSĪ key manager which manages keys persisted on diskĪ key manager which manages unpersisted keys in memoryĪ node attestor which attests agent identity using an AWS Instance Identity DocumentĪ node attestor which attests agent identity using an Azure MSI tokenĪ node attestor which attests agent identity using a GCP Instance Identity TokenĪ node attestor which validates agents attesting with server-generated join tokensĪ node attestor which attests agent identity using a Kubernetes Service Account tokenĪ node attestor which attests agent identity using a Kubernetes Projected Service Account tokenĪ node attestor which attests agent identity using an existing ssh certificateĪ node attestor which attests agent identity using a TPM that has been provisioned with a DevID certificateĪ node attestor which attests agent identity using an existing X.509 certificateĪ notifier that pushes the latest trust bundle contents into an object in Google Cloud Storage.Ī notifier that pushes the latest trust bundle contents into a Kubernetes ConfigMap. Notified by SPIRE server for certain events that are happening or have happened. Generally paired with an agent plugin of the same type.Īllows SPIRE server to integrate with existing PKI systems. Implements validation logic for nodes attempting to assert their identity. Useful for leveraging hardware-based key operations. Implements both signing and key storage logic for the server’s signing operations. Only the built-in SQL plugin can be used. Note: Pluggability for the DataStore is no longer supported. Provides persistent storage and HA features.
It includes information about plugin types, built-in plugins, the server configuration file, plugin configuration, and command line options for spire-server commands. This document is a configuration reference for SPIRE Server.
0 kommentar(er)
