Kubernetes - Encrypting Secrets in etcd. Kubernetes Security - Network Nuts
Вставка
- Опубліковано 8 січ 2025
- Learn how to encrypt secrets in etcd. Secrets by default are decoded and are saved in plain text inside etcd database. Learn how to encrypt secrets inside etcd. Certified Kubernetes Security Specialist. Kubernetes security video.
Glad to see you as in person, you are the motivation for tech- learning people like me.
Thanks for the explaination Sir ..🎉
Thank you for describing the steps before performing them. Very helpful. Keep up the great work.
Thank you sir for your awesome video, you teach like your teacher in school, with fault prediction and patient 🙏
Good to see you long time
we have created a key for encryption, where do we have o store that key and incase we have to rotate the key what are the best practices
What happens if we put multiple keys in the provider. Which key will be used for encryption and which key will be used for decryption?
Great It's security issue
Excellent sir. but still if a hacker access my k8 cluster, then he/she can still get my secret by simply running kubectl get command right? So Could you please tell me what is the advantage of doing encryption at rest
@Abdullah Jandali unfortunately I didn’t get solution :(
@@abdullahjandali583 I don't know a real answer to this but at least you can keep the secret and etcd in separate hosts, so that an attacker would need to break into 2 different hosts before causing harm.
I'm looking for same. Its good to encrypt etcd data and this provides clear walktru to do it; however pods pulling and storing those secrets locally to make their communication calls internally and external from k8 cluster...they are still storing those secrets in plain text for their own use locally.