This repository has been archived by the owner on Jul 28, 2023. It is now read-only.
Ensure all secrets are encrypted when at REST #14
Labels
Comments
|
Note that this only encrypts the data at rest in etcd - once injected into a container as an environment variable, that env var is not encrypted. |
|
Correct Chris. We also will need a more holistic solution that encompasses how secrets are stored inside a container instance. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
By default K8s secrets are NOT encrypted at REST (when stored by etcd). Any use of secrets by Kabanero should ensure encryption is enabled. See 👍 https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/
The text was updated successfully, but these errors were encountered: