Vault K8s
dhi.io/vault-k8s
vault-k8s is HashiCorp's Kubernetes integration that automatically injects Vault Agent containers into pods via a mutating admission webhook, enabling applications to seamlessly access HashiCorp Vault secrets without code changes by intercepting pod creation, reading annotations, and modifying pod specifications to include secret retrieval and rendering capabilities.
vault-k8s is HashiCorp's official Kubernetes integration that provides seamless secret management for containerized applications. It operates as a mutating admission webhook that automatically injects Vault Agent containers into Kubernetes pods, enabling applications to access HashiCorp Vault secrets without requiring code changes or direct Vault API knowledge.
The system works by intercepting pod creation events, examining pod annotations to determine secret requirements, and then modifying pod specifications to include Vault Agent init and sidecar containers that authenticate with Vault, retrieve secrets, and render them to shared volumes accessible by application containers.
This approach allows organizations to centralize secret management through Vault while maintaining the simplicity and security of Kubernetes deployments, supporting use cases like legacy application modernization, automated secret rotation, and compliance requirements across development and production environments.
Docker Hardened Images are built to meet the highest security and compliance standards. They provide a trusted foundation for containerized workloads by incorporating security best practices from the start.
These images are published with near-zero known CVEs, include signed provenance, and come with a complete Software Bill of Materials (SBOM) and VEX metadata. They're designed to secure your software supply chain while fitting seamlessly into existing Docker workflows.
This listing is prepared by Docker. All third-party product names, logos, and trademarks are the property of their respective owners and are used solely for identification. Docker claims no interest in those marks, and no affiliation, sponsorship, or endorsement is implied.
Try DHI Enterprise
Start a free 30-day DHI Enterprise trial to mirror this image to your organization's registry and unlock full benefits.
SLA-backed CVE remediations
FIPS & STIG-compliant variants
Customizations at enterprise scale
Distribution:
Packages
179
Vulnerabilities
vault-k8s 1.7.x (fips, dev)
Updated: 2 days ago
vault-k8s 1.7.x (fips)
Updated: 9 days ago
vault-k8s 1.7.x (dev)
Updated: 2 days ago
vault-k8s 1.7.x
Updated: 9 days ago
vault-k8s 1.6.x (fips, dev)
Updated: 2 days ago
Join GitHub Discussions or our Slack community to share ideas, ask questions, and connect with the team.
Go to discussionsJoin community