Kubernetes secrets
https://kubernetes.io/docs/concepts/configuration/secret/
Kubernetes Secret Types:
Opaque arbitrary user-defined data kubernetes.io/service-account-token ServiceAccount token kubernetes.io/dockercfg serialized ~/.dockercfg file kubernetes.io/dockerconfigjson serialized ~/.docker/config.json file kubernetes.io/basic-auth credentials for basic authentication kubernetes.io/ssh-auth credentials for SSH authentication kubernetes.io/tls data for a TLS client or server bootstrap.kubernetes.io/token bootstrap token data istio.io/key-and-cert
Examples
kubectl create secret
,kubectl get secrets
,kubectl describe secrets/MY_SECRET_NAME
kubectl apply secret.yml
kubectl describe secrets/MY_SECRET_NAME
Related terms
- Use ConfigMaps and Secrets to configure applications, CKA v1.24 (2022), CKA v1.23 (2021)
- CKA v1.18: Security persistent key value store
- CKA v1.15: Create & consume Secrets
ConfigMaps
secret not found
- Kustomize
base64 --decode; echo
SecretKeyRef
type: Opaque
- SOPS: Secrets OPerationS:
sops
- Kubernetes HostPath volume provider
Activities
- Delete and recreate your secret
- Learn about different
kind: Secret
types. - Read https://poweruser.blog/how-to-encrypt-secrets-in-config-files-1dbb794f7352
News
See also
- Kubernetes secrets:
kubectl [ get | create | describe | delete | secret ] secrets
,secret.yml, kind: Secret, secretKeyRef, default-token, imagePullSecrets:, kubernetes.io/dockerconfigjson
- Secrets: Kubernetes secrets,
ansible-vault
, Hashicorp Vault, AWS Secrets Manager, Google Secret Manager,git-crypt
, SOPS: Secrets OPerationS, Google Cloud Secret Manager, GitHub secret scanning alerts
Advertising: