Not so Secretive Secrets
In this lesson, first, we will explore the insecurities associated with using Secrets and then discuss the actions we can perform to secure the environment.
The Insecurities
Almost everything Kubernetes needs is stored in etcd. That includes Secrets. The problem is that they are stored as plain text. Anyone with access to etcd has access to Kubernetes Secrets. We can limit the access to etcd, but that’s not the end of our troubles.
etcd stores data to disk as plain text. Restricting the access to etcd still leaves the Secrets vulnerable to who has access to the file system. ...
Access this course and 1400+ top-rated courses and projects.