Sensitive Information Disclosure in Kubernetes

Secrets

Kubernetes Secrets let you store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys. Storing confidential information in a Secret is safer and more flexible than putting it verbatim in a Pod definition, a container image, or as a file in the filesystem.

Secrets can be consumed by mounting them as a file in one or more containers, as a container environment variable, or by the kubelet when pulling the images for the Pod.