Home Business Analyst BA Agile Coach Securing Kubernetes Secrets (Cloud Next '19)

Securing Kubernetes Secrets (Cloud Next '19)


Secrets are a key pillar of Kubernetes’ security model, used internally (e.g. service accounts) and by users (e.g. API keys), but did you know they are stored in plaintext? That’s right, by default all Kubernetes secrets are base64 encoded and stored as plaintext in etcd. Anyone with access to the etcd cluster has access to all your Kubernetes secrets.

Thankfully there are better ways. This lecture provides an overview of different techniques for more securely managing secrets in Kubernetes, including secrets encryption, KMS plugins, and tools like HashiCorp Vault. Attendees will learn the trade-offs of each approach to make better decisions on how to secure their Kubernetes clusters.

Securing Kubernetes Secrets → http://bit.ly/2TYdHiS
Application-layer Secrets Encryption → http://bit.ly/2Uhn7v7

Watch more:
Next ’19 Hybrid Cloud Sessions here → https://bit.ly/Next19HybridCloud
Next ‘19 All Sessions playlist → https://bit.ly/Next19AllSessions

Subscribe to the GCP Channel → https://bit.ly/GCloudPlatform

Speaker(s): Seth Vargo, Alexandr Tcherniakhovski

Session ID: HYB200
product:Kubernetes Engine,Cloud KMS; fullname:Alexandr Tcherniakhovski,Seth Vargo; event: Google Cloud Next 2019; re_ty: Publish; product: Cloud – Containers – Google Kubernetes Engine (GKE); fullname: Seth Vargo;


Previous article(#36) How to create Pull Request in azure devops | Azure devops tutorial for beginners
Next articleDocker超入門講座 合併版 | ゼロから実践する4時間のフルコース


Please enter your comment!
Please enter your name here