Kubernetes base64 secrets are fine, with Mac Chaffee

By default, Kubernetes Secrets are not encrypted; values are merely base64 encoded.And this is fine — at least, this is what Mac argues in this episode of KubeFM.Mac says it all comes down to thinking strategically about security and where the Secrets could be leaked.In this episode, you will learn:How to define a threat model to inform your security posture and mitigations.How Kubernetes Secrets offer sufficient guarantees for most common threat models.If you should use Hashicorp Vault or Kubernetes Secrets (and when not to use auto-unsealing).Mac also covers tips and advice on becoming a security expert.More infoFind all the links and info for this episode here: https://ku.bz/rFlp8Yj9sInterested in sponsoring an episode? Learn more.

NOW PLAYING

0:00 29:29

1×

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Share this episode

Similar Episodes

No similar episodes found.

Similar Podcasts

No similar podcasts found.

Frequently Asked Questions

How long is this episode of KubeFM?

This episode is 29 minutes long.

When was this KubeFM episode published?

This episode was published on November 28, 2023.

What is this episode about?

Can I download this KubeFM episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.

URL copied to clipboard!