Deckhouse Stronghold is available as Community Edition (CE) and Enterprise Edition (EE).
Deckhouse Stronghold CE is available for use in any of the Deckhouse Kubernetes Platform editions.
Deckhouse Stronghold EE is licensed separately and available for use in any commercial edition of DKP.
The table below provides a brief comparison of the Deckhouse Stronghold editions, listing their main features and details:
| Feature | CE | EE |
|---|---|---|
| Secure management of the secret lifecycle (storage, creation, delivery, revocation, and rotation) |  |
|
| Support of IaC automation tools (Ansible, Terraform) | |
|
| Support of authentication methods | JWT, OIDC, Kubernetes, LDAP, Token | JWT, OIDC, Kubernetes, LDAP, Token |
| Support of KV, Kubernetes, Database, SSH, and PKI secret engines | |
|
| Deploying to an air-gapped environment | |
|
| Web interface | |
|
| Role and access policy management through a web interface |  |
|
| Support for namespaces | |
|
| Built-in automatic unsealing of the vault | |
|
| Data replication | |
KV1/KV2 |
| Automatic backup creation on a schedule | |
|
| Audit logging support | |
|
| Delivery as standalone executable file | |
|
| Launching in DKP CE | |
|
| Technical support «Standard» |  |
|
| Technical support «Standard +» | |
|