Link Search Menu Expand Document

Sensitive Information Disclosure in Kubernetes

Secrets

Kubernetes Secrets let you store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys. Storing confidential information in a Secret is safer and more flexible than putting it verbatim in a Pod definition, a container image, or as a file in the filesystem.

Secrets can be consumed by mounting them as a file in one or more containers, as a container environment variable, or by the kubelet when pulling the images for the Pod.