- Create Secrets
Secrets are resources containing keys with base64 encoded values. Secrets are not encrypted by default, they are only encoded and can get decoded easily by everyone who has access to a namespace or to the whole cluster.
Secret values can be exposed to pods as environment variables or mounted as files.
In order to create a secret from a text file, you can run the following.
This creates a generic secret named secretname and automatically encodes the value as base64:
- Further reading
- Injecting Secrets into Kubernetes Pods via Vault Helm Sidecar
- Topic 4