-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
csi-driver-spiffe vs csi-driver #39
Comments
You can request the same certificates with csi-driver that you can request with csi-driver-spiffe. |
From the documentation of the cert-manager we can see that csi-driver spiffe allows to use SVIDs to enable mTLS between pods within their trust domain (https://cert-manager.io/docs/projects/csi-driver-spiffe/). However, in the csi-driver documentation (https://cert-manager.io/docs/projects/csi-driver/) there is also a way to use SPIFFE IDs and it also adds the right to use dnsNames (csi.cert-manager.io/dns-names). I am wondering, what is the difference between using these two tools, so what is the csi-driver-spiffe providing additionally and why it would be useful. Can the csi-driver-spiffe also be used to validate dns names when it requests the certificate? And is there any relevant documentation for this?
The text was updated successfully, but these errors were encountered: