Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News CNCF Publishes Latest Technology Radar Focused on Secrets Management

CNCF Publishes Latest Technology Radar Focused on Secrets Management

This item in japanese

CNCF published the fourth edition of the end-user Technology Radar. This time the theme was secrets management: the set of tools and technologies to manage digital authentication. The purpose of this edition is to share what tools are used by end-users, what tools they recommend, and to identify any patterns that have emerged.

CNCF Tech Radar for Secrets Management


Courtesy of the Cloud Native Computing Foundation

The Technology Radar team reported four themes that came out of this survey. The first theme is the widespread adoption of HashiCorp Vault. While Vault has sometimes been considered in the industry as a complex tool with a high operational burden, the Technology Radar team believes it removes the complexity of creating an in-house tool and also that it appears to be a convenient solution for multi-cloud environments.

The second theme is that offerings from cloud providers were also widely adopted among the participating companies. This includes AWS Secrets Manager, AWS Key Management Service, AWS Certificate Manager, Azure Key Vault, and GCP Secrets Management.

The third theme is the popularity of cert-manager, a CNCF sandbox project for x509 certificate management that runs within your Kubernetes cluster. While it’s a new solution and platform-specific, it offers tight integration with the rest of the Kubernetes ecosystem.

The last theme was focused on other solutions in the space that were fragmented across various levels of maturity and complexity. These are not secrets management tools, but rather part of another product assists with secret management; for example, encrypting files in a Git repository and encrypting data bags in Ansible, Chef, or Puppet. Such tools didn’t receive enough votes to be included on the radar.

One result that surprised the Technology Radar team is the low adoption of SPIRE, a CNCF incubating project that is a toolchain of APIs for establishing trust between software systems across a wide variety of hosting platforms. The Technology Radar team believes this is most likely because the project is still in its earlier stages and has not yet reached feature stability.

In this survey, 29 companies contributed 79 data points on 21 solutions. These were sorted to determine the final positions. The Technology Radar team then curated the responses, identified shared outcomes, and described any patterns or themes they saw in the data or from their own experience.

Dozens of companies have adopted technology radars, often based on the ThoughtWorks model, in order to evaluate emerging technologies.

For each CNCF end-user Technology Radar, three to five companies are randomly chosen from the CNCF end-user community and asked to form an editorial team.

Cheryl Hung, VP ecosystem at the CNCF, underscored the benefits of the technology radar to the community :

The Technology Radar takes advantage of the collective knowledge of the CNCF End User Community, the largest end-user community of any open-source foundation, to bubble up tools and technologies that organizations should consider now when building their cloud-native applications.

The team chooses the topic based on suggestions from the community. The selected end-user community are then tasked with describing what their companies recommend for a list of different solutions and place them at one of three categories:

Assess: The CNCF end-user community has tried it out and finds it promising. It’s recommended to have a look at solutions in this category when you face a specific need for the technology in your project.

Trial: The CNCF end-user community has used it with success, and it’s recommended to have a closer look at the technology.

Adopt: The CNCF end-user community can recommend this technology. It’s has been used by community members for a long period in many teams, and it has been proven to be stable.

According to the CNCF end user tech radar webinar pertaining to this edition, the results of the survey conducted in February 2021 are limited to 140 end user companies, including Apple, Peloton, Box, Workday, and Intuit.

Users from the community can recommend or vote up or down for future radar topics. Also, feedback can be sent to

Rate this Article