Protecting the Crown Jewels: How to manage and secure your Kubernetes secrets

Kubernetes secrets are a necessity to the majority of Kubernetes users. Most applications require secrets. A Kubernetes secret stores sensitive data, such as passwords, OAuth tokens, and SSH keys. Securing these assets and ensuring their integrity is vital.

• How do admins safely and reliably manage these secrets?
  
• Which options are currently available in and outside of Kubernetes?
  
• How do you avoid storing the same secret multiple times across different environments?
  

Join our talk to learn which methods are available to safely secure your Kubernetes secrets in a production environment. Simon will demonstrate various ways of storing and accessing secrets in and outside of a Kubernetes cluster. He will show how to utilise HashiCorp Vault to store your secrets. And he will also explain how to sync external secrets to multiple clusters with the Kubernetes Secrets store CSI driver.

Vorkenntnisse

The attendees should have a basic understanding of Kubernetes. They should be familiar with deployment technics and GitOps workflows. A basic understanding of KMS would be helpful but not necessary.

Lernziele

The attendees will learn best practices to store and secure their Kubernetes secrets. I will provide an opinionated view on how to store secrets in a secure environment. And distribute them to one or multiple clusters. I will also provide a few suggestions including software to use to get the job done.