[Webinar] Ditch Static Credentials: Embrace WIF for Enhanced Security | Nov 6 at 11 a.m. PT | Register Now

Aembit Earns Prestigious Runner-Up Spot at RSA Innovation Sandbox Contest! Watch the Announcement

Aembit Product Update December 2022

Aembit Product Update December 2022 header image with aembit and helm logos

Helm Deployment

This week we released the official Helm Chart for Aembit Edge. Now you can use Helm to deploy the Aembit Edge components on Kubernetes in just a few minutes. The Aembit Helm Chart makes it even easier to use Aembit to manage access to services from your workloads running in Kubernetes.

To deploy Aembit with Helm, do the following:

Add the Aembit Helm repository.

helm repo add aembit https://helm.aembit.io/

Install Aembit Edge.

helm install aembit aembit/aembit --create-namespace -n aembit --set tenant=<your-tenant-id>

Add the aembit.io/agent-inject annotation to your workload deployment file. (Here’s an example snippet)

# Deployment for MyApp workload
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 1
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
      annotations:
        aembit.io/agent-inject: "enabled"

The Aembit Helm chart will be the default way to install and upgrade Aembit Edge, making access management a natural part of your DevOps workflow.

API Key Support

Aembit continues to add Credential Provider integrations. We already support advanced authentication types, like Google Workload Identity Federation and OAuth 2.0 Client Credentials.

Now we’ve added support for API Keys.

API keys can be particularly susceptible to compromise since they are typically long-lived credentials. Further, API providers and gateways consume API Keys in various ways, resulting in inconsistent and often insecure client-side implementations. Aembit can now protect API keys and inject them into HTTP requests just-in-time in the standard Authorization header, a custom header, or a query parameter.

Our API Key support makes these credentials more secure and your API integrations simpler and more uniform.

TLS Support for Amazon RDS for PostgreSQL

Databases are often exposed internally or externally over the internet without TLS enabled, exposing organizations (and customers and employees) to sensitive data exposure.

Aembit has released TLS Support for Amazon RDS for PostgreSQL to make it easier to enable TLS at your RDS instances and connect to them securely wherever they are.

Even if your client workloads don’t yet support encrypted connections, Aembit Edge will securely proxy the PostgreSQL protocol from non-TLS-enabled client workloads to TLS-enabled RDS instances.


Aembit is the Identity Platform that lets DevOps and Security manage, enforce, and audit access between federated workloads. 

We invite you to try it today!

You might also like

The new capability enables granular access without having to manage secrets.
If you think non-human identity security is just service account management in disguise, you might be missing the bigger picture.
Starting March 31, new payment security rules tighten controls on non-human identities – pushing organizations beyond IGA to real enforcement.