Securing your app's communications with Kubernetes, Azure Key Vault, and TLS certificates


Get the slides:

eugene romero


Managing Cloud Advisor @ Capgemini


15+ years in infrastructure and software development


Voted "most likely to quote The Simpsons at inappropriate times"

The Problem


Get the slides:

Secrets and code should be kept separate until runtime

Secrets should be automatically injected into apps, without human intervention

Secrets management is hard

(A) Solution


Get the slides:

Azure Key Vault

Kubernetes Secrets Store CSI Driver


Kubernetes Secrets Store CSI Driver

Integrates secrets stores with Kubernetes via a

Container Storage Interface (CSI) volume

Allows Kubernetes to collect secrets, keys, and certs from enterprise-grade external secrets stores and mount them as pod volumes



Get the slides:

Internal CA Authority

Apps need to access internal sites securely over HTTPS

Company with internal resources




demo diagram

demo components

Kubernetes (Minikube)

Azure CLI

Helm chart

Please hold for demo...


Get the slides:

More Information

Secrets Store CSI Driver


Demo repository and files


Detailed post and walkthrough

Get in touch!


ask me for a sticker!