Our Just-in-Time Rotation feature is now live, and you can explore it for free on our platform!
We shared our plans in a recent blog post: Async Rotation and after gathering feedback and listening to requests from our community and partners, we officially launched this feature with a focus on real-world use cases. Many organizations face the challenge of waiting for data to sync within a refresh interval. Just-in-Time Rotation solves this by ensuring that updated secrets are available immediately upon changes in the source of truth or triggered by supported event sources.
Currently, our Just-in-Time Rotation feature integrates with:
- AWS SQS (using AWS Secrets Manager and EventBridge)
- Google Cloud Pub/Sub (with GCP Secret Manager and Log Router)
- Azure Event Grid (with Azure Key Vault)
We also offer a generic Webhook provider, allowing you to configure it to listen to any payload that meets your needs. All of this is available on our free tier. Plus, we’re removing cluster limits! Use our free tier across as many clusters as you need and take advantage of all developer-focused features we release.
To simplify setup, we provide Terraform code for the essential infrastructure (e.g., CloudTrail, SQS, GCP Router) so you can get started quickly.
For the generic Webhook listener and Azure Event Grid, you’ll need to set up ingresses, allowing the Async Rotator Webhook in your cluster to be accessible by the event source (like Event Grid). Our documentation includes step-by-step guides for setting it up, (e.g. Azure Event Grid – log in to the platform to access). However, setup may vary based on your infrastructure — please reach out if you need any assistance!
We’re excited to attend KubeCon in Salt Lake City and can’t wait to connect with you! We’ll be showcasing our latest features, designed to integrate seamlessly with External Secrets OSS and our new enterprise offerings. Stop by to chat with us, share your feedback, and help us shape the future of secret management.