Project Galadriel is an open-source project that streamlines the configuration of Federation relationships among SPIRE Servers and manages the secure exchange of Trust Bundles based on the registered and approved relationships. It functions as a central hub for the management and auditing of these Federation relationships.
- Alternative approach to SPIRE Federation: Galadriel is built on top of SPIRE APIs to streamline the management of foreign Trust Bundles.
- Federation at scale: Galadriel simplifies the configuration of multiple SPIRE Server federations while prioritizing security.
- Central hub: Galadriel provides a centralized platform where federation relationships can be defined and audited.
- A replacement for SPIRE/SPIFFE Federation: Galadriel does not replace SPIRE Federation, instead, it leverages existing SPIRE capabilities.
- A SPIRE plugin: Galadriel is deployed as a standalone component, not as a SPIRE plugin.
- Download the appropriate binary from our releases page.
- Follow the instructions in our Getting Started Guide.
Project Galadriel is an open-source project under the Apache 2 license. We welcome any form of contribution, whether it's documentation, new features, bug fixes, or issues. Check out our Contributing guidelines to learn about our contribution management, and the Governance policy to understand the various roles within the project.
Project Galadriel has currently reached the Proof of Concept milestone (v0.1.0). Refer to the Roadmap to learn about our future plans.
Feel free to explore our Design Document, which provides more information about Galadriel's architecture and future plans. Your comments and suggestions are welcome and highly appreciated.
- SPIRE Bridge: an Alternative Approach to SPIFFE Federation - Juliano Fantozzi, Maximiliano Churichi / SPIFFE Community Day Fall 2022 (October 2022) / video, slides, demo
- Galadriel - A SPIRE Federation Alternative - William Barrera Fuentes / HPE Developer Community (October 2022) / blog post
Please refer to our Security policy for more information about security updates and how to report potential vulnerabilities.