Fujitsu Enterprise Postgres for Kubernetes enhances the security of PostgreSQL by providing some unique features. One such feature is the integration with Cloud Secret Store. Customers can opt to store database secrets, such as database user passwords or certificates, in an external secret store such as:
- Azure Key Vault
- AWS Secrets Manager
- GCP Secret Manager
- HashiCorp Vault
Cloud Secret Store leverages the Secrets Store CSI Driver (https://secrets-store-csi-driver.sigs.k8s.io/) and the respective provider drivers from Azure, AWS, GCP and HashiCorp to integrate with Fujitsu Enterprise Postgres for Kubernetes. With this integration, one can:
- Manage the Postgres username/password on Cloud Secret Store
- Manage the SSL certificate on Cloud Secret Store
Benefits of this integration:
- Passwords and certificates are stored in a centralised Cloud Secret Store instead of locally on each Kubernetes cluster
- Automatic password and certificate rotation is allowed
- Separation of duties: the person who maintains the FEP cluster can be a different person from the one who maintains the passwords and certificates in Cloud Secret Store
- Access to secrets in Cloud Secret Store is controlled by authentication and authorization on the cloud provider