Helm Deployment
This week we released the official Helm Chart for Aembit Edge. Now you can use Helm to deploy the Aembit Edge components on Kubernetes in just a few minutes. The Aembit Helm Chart makes it even easier to use Aembit to manage access to services from your workloads running in Kubernetes.
To deploy Aembit with Helm, do the following:
Add the Aembit Helm repository.
helm repo add aembit https://helm.aembit.io/
Install Aembit Edge.
helm install aembit aembit/aembit --create-namespace -n aembit --set tenant=<your-tenant-id>
Add the aembit.io/agent-inject
annotation to your workload deployment file. (Here’s an example snippet)
# Deployment for MyApp workload
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-app
spec:
replicas: 1
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
annotations:
aembit.io/agent-inject: "enabled"
The Aembit Helm chart will be the default way to install and upgrade Aembit Edge, making access management a natural part of your DevOps workflow.
API Key Support
Aembit continues to add Credential Provider integrations. We already support advanced authentication types, like Google Workload Identity Federation and OAuth 2.0 Client Credentials.
Now we’ve added support for API Keys.
API keys can be particularly susceptible to compromise since they are typically long-lived credentials. Further, API providers and gateways consume API Keys in various ways, resulting in inconsistent and often insecure client-side implementations. Aembit can now protect API keys and inject them into HTTP requests just-in-time in the standard Authorization header, a custom header, or a query parameter.
Our API Key support makes these credentials more secure and your API integrations simpler and more uniform.
TLS Support for Amazon RDS for PostgreSQL
Databases are often exposed internally or externally over the internet without TLS enabled, exposing organizations (and customers and employees) to sensitive data exposure.
Aembit has released TLS Support for Amazon RDS for PostgreSQL to make it easier to enable TLS at your RDS instances and connect to them securely wherever they are.
Even if your client workloads don’t yet support encrypted connections, Aembit Edge will securely proxy the PostgreSQL protocol from non-TLS-enabled client workloads to TLS-enabled RDS instances.
Aembit is the Identity Platform that lets DevOps and Security manage, enforce, and audit access between federated workloads.
We invite you to try it today!