conf.directory

DevOpsDays Philadelphia 2019 - Base64 is not encryption - a better story for... by Seth Vargo

Confreaks
28:55
0 views
Published July 5, 2022

About this talk

DevOpsDays Philadelphia 2019 - Base64 is not encryption - a better story for Kubernetes Secrets by Seth Vargo Secrets are a key pillar of Kubernetes’ security model, used internally (e.g. service accounts) and by users (e.g. API keys), but did you know they are stored in plaintext? That’s right, by default all Kubernetes secrets are base64 encoded and stored as plaintext in etcd. Anyone with access to the etcd cluster has access to all your Kubernetes secrets. Thankfully there are better ways. This lecture provides an overview of different techniques for more securely managing secrets in Kubernetes including secrets encryption, KMS plugins, and tools like HashiCorp Vault. Attendees will learn the tradeoffs of each approach to make better decisions on how to secure their Kubernetes clusters.

Stay Updated

Get notified about new features and conference additions.

Related Talks

The Art of Code - Dylan Beattie
01:00:49

The Art of Code - Dylan Beattie

Dylan Beattie
NDC Conferences
4,796,409 views
February 26 2020
Watch Now
What the heck is the event loop anyway? | Philip Roberts | JSConf EU
26:53

What the heck is the event loop anyway? | Philip Roberts | JSConf EU

Philip Roberts
JSConf EU
3,551,387 views
October 9 2014
Watch Now
Expert Talk: DevOps & Software Architecture • Simon Brown, Dave Farley & Hannes Lowette • GOTO 2021
39:51

Expert Talk: DevOps & Software Architecture • Simon Brown, Dave Farley & Hannes Lowette • GOTO 2021

Simon Brown, Dave Farley & Hannes Lowette
GOTO Conferences
3,109,641 views
February 15 2022
Watch Now
DevOpsDays Philadelphia 2019 - Base64 is not encryption - a better story for... by Seth Vargo | conf.directory | conf.directory