Maybe you already use 1Password as your personal password manager. Well, maybe you’re working on a personal side project that needs to run on Kubernetes but setting up Vault feels like overkill, and AWS Secrets Manager isn’t free, and maybe SealedSecrets is a little too complex for your taste. Today we’re looking at integrating Kubernetes with 1Password. Or Bitnami SealedSecrets, which allows you to encrypt secrets properly so that you can store them in Git. Solutions like HashiCorp Vault or AWS Secrets Manager are great solutions for this. There are many solutions built specifically for secrets management, and a lot of them can actually be used with Kubernetes. So quite often we’ll look for a way to store secrets outside of Kubernetes and then deploy them into a cluster. Except that the secrets are not really encrypted (just base64 encoded), and actually storing them in Kubernetes is a bad idea for many reasons (long story short: infrastructure is unreliable and nobody wants to backup/restore Kubernetes). Kubernetes offers Secrets as a clean abstraction to store sensitive information separate from deployment config, and apply access controls to it. Now let’s add Kubernetes into the mix as well. Passwords are floating around in config files, and it’s no exception to find plain-text credentials in a Git repository somewhere. Infrastructure and systems are even worse. Larger enterprises, however, are often still struggling here and you’ll find password-protected Excel sheets, KeePass files and loads of shadow IT floating around. And nowadays most people have some sort of password manager, whether it be integrated in their operating system or browser, or a dedicated password management tool like 1Password or LastPass. And also: please give me a means to make all this secure behaviour easy for me. Use passwords that are difficult to guess. Don’t write down your passwords on sticky notes.
#Secret key one password how to#
In this blog I’ll show you how to set it up.ĭon’t use the same password twice. Sounds good? According to 1Password this is even enterprise-ready. Integrating Kubernetes with 1Password for infrastructure secrets ←Home About Subscribe Integrating Kubernetes with 1Password for infrastructure secrets Decouple your secrets from Kubernetes by using a password manager.
0 kommentar(er)
