Kubernetes integrations
You can use Kubernetes integrations to deploy a 1Password Connect Server or a 1Password Service Account to a Kubernetes cluster.
1Password offers multiple Kubernetes integrations, including the Kubernetes Secrets Injector, the Kubernetes Operator, and Helm charts (which support both the Kubernetes Injector and the Kubernetes Operator). The best integration option depends on your unique environment.
Comparison
Both the Kubernetes Injector and the Kubernetes Operator work by allowing you to inject secrets from 1Password into a Kubernetes environment. However, they vary slightly based on your intended use case and their requirements.
The 1Password Helm charts allow you to more easily deploy a Connect server, the Kubernetes Operator, or the Kubernetes Injector.
Refer to the following table to learn the differences between the integrations.
| Feature | Kubernetes Injector | Kubernetes Operator |
|---|---|---|
| Supports service accounts | Yes | No |
| Supports Connect servers | Yes | Yes |
| Allows for granular selection of secrets | Yes | No |
| Uses Kubernetes Secrets | No | Yes |
| Injects 1Password items directly into Kubernetes pods | Yes | No |
| Works with multiple credentials simultaneously | Yes | No |
| Supports automatic redeployment when 1Password items change | No | Yes |
| Requires a Connect token to deploy | No | Yes |
Kubernetes Injector
The 1Password Kubernetes Secrets Injector implements a mutating webhook that allows you to inject 1Password secrets as environment variables into a Kubernetes pod or deployment. You can use the Kubernetes Injector with Connect servers or service accounts.
Get started with the Kubernetes InjectorKubernetes Operator
The 1Password Connect Kubernetes Operator integrates Kubernetes Secrets with 1Password with one or more Connect servers. It allows you to:
- Create Kubernetes Secrets from 1Password items and load them into Kubernetes deployments.
- Automatically restart deployments when 1Password items update.
1Password Helm charts
Helm is a tool that helps you manage Kubernetes applications through specification files called Helm charts. Helm charts define a Kubernetes application and make it easy to share, install, and upgrade.
The official 1Password Helm charts allow you to create a Secrets Automation workflow deployment using a predefined specification.
Get started 1Password Helm charts