1 unstable release
0.1.0-alpha | Jun 16, 2020 |
---|
#6 in #identities
24KB
559 lines
keyvault-agent
An SSH Agent backed by Azure Key Vault keys
- Authenticate to Key Vault using Active Directory credentials, including VM managed identities
- SSH private keys are safeguarded in a vault
- Access to keys can be controlled by AD group membership, enabling just-in-time access via group membership
Installation
Linux or Mac OS
cargo install keyvault-agent
# Authenticate using a logged in Azure SDK (requires the Azure SDK).
# Other authentication methods are available.
keyvault-agent authenticate azure-sdk
keyvault-agent add-key {key vault key URI}
# Run this line for every new console.
eval $(keyvault-agent daemon)
Dependencies
~14–26MB
~399K SLoC