Get to Know Aembit and Workload IAM: Join Our Thursday Webinar!

RSAC™ Innovation Sandbox FINALIST 2024 banner
Aembit is an RSA Conference Innovation Sandbox finalist! Read the news
Blog

Aembit Product Update December 2022

Our latest release adds support for Helm-based deployment, API Keys, and TLS to AWS RDS for PostgreSQL.
Aembit Product Update December 2022 header image with aembit and helm logos

Helm Deployment

This week we released the official Helm Chart for Aembit Edge. Now you can use Helm to deploy the Aembit Edge components on Kubernetes in just a few minutes. The Aembit Helm Chart makes it even easier to use Aembit to manage access to services from your workloads running in Kubernetes.

To deploy Aembit with Helm, do the following:

Add the Aembit Helm repository.

helm repo add aembit https://helm.aembit.io/

Install Aembit Edge.

helm install aembit aembit/aembit --create-namespace -n aembit --set tenant=<your-tenant-id>

Add the aembit.io/agent-inject annotation to your workload deployment file. (Here’s an example snippet)

# Deployment for MyApp workload
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 1
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
      annotations:
        aembit.io/agent-inject: "enabled"

The Aembit Helm chart will be the default way to install and upgrade Aembit Edge, making access management a natural part of your DevOps workflow.

API Key Support

Aembit continues to add Credential Provider integrations. We already support advanced authentication types, like Google Workload Identity Federation and OAuth 2.0 Client Credentials.

Now we’ve added support for API Keys.

API keys can be particularly susceptible to compromise since they are typically long-lived credentials. Further, API providers and gateways consume API Keys in various ways, resulting in inconsistent and often insecure client-side implementations. Aembit can now protect API keys and inject them into HTTP requests just-in-time in the standard Authorization header, a custom header, or a query parameter.

Our API Key support makes these credentials more secure and your API integrations simpler and more uniform.

TLS Support for Amazon RDS for PostgreSQL

Databases are often exposed internally or externally over the internet without TLS enabled, exposing organizations (and customers and employees) to sensitive data exposure.

Aembit has released TLS Support for Amazon RDS for PostgreSQL to make it easier to enable TLS at your RDS instances and connect to them securely wherever they are.

Even if your client workloads don’t yet support encrypted connections, Aembit Edge will securely proxy the PostgreSQL protocol from non-TLS-enabled client workloads to TLS-enabled RDS instances.


Aembit is the Identity Platform that lets DevOps and Security manage, enforce, and audit access between federated workloads. 

We invite you to try it today!

You might also like

If this definitive list doesn't convince you to pay us a visit, learn about Workload IAM, and meet the people behind the product, nothing will.
Snowflake shines in storage and analytics, yet your success hinges on adhering to security best practices, with workload IAM acting as a crucial ally.
This attestation method is designed for on-premises setups without the availability of AWS or Azure metadata services.