Risks

  • Home
  • Kubernetes
  • Risks
  • Immutable Secrets for Enhanced Kubernetes Security and Secret Management

Immutable Secrets for Enhanced Kubernetes Security and Secret Management

Enhance Kubernetes Security and Secret Management with Immutable Secrets

Secrets can be easily accessed and modified. A secret consists of several components, e.g., a token. A change in the token is difficult to trace.

A change in a secret can even cause damage in the cluster. (Accidental) modification of a secret, which is located in the kube-system namespace, can paralyze the cluster in the worst case.

Since v.1.19 immutable Secrets, which cannot be changed once created.

To do it, change the following in the yaml:

apiVersion: v1
kind: Secret
metadata:
  ...
data:
  ...
immutable: true

follow these measures

Any Questions?

Please feel free to contact us for any question that is not answered yet. 

We are looking forward to get in contact with you!

Design Escapes

KubeOps GmbH
Hinter Stöck 17
72406 Bisingen
Germany

  • Telefon:

    +49 7433 93724 90

  • Mail:

    This email address is being protected from spambots. You need JavaScript enabled to view it.

Legal
Download Area
Certified as

KubeOps GmbH is the owner of the Union trademark KubeOps with the registration number 018305184. 

© KubeOps GmbH. All rights reserved. Subsidiary of