Kubernetes

What is Secret?

A Kubernetes object for storing sensitive data like passwords, tokens, and keys.

A Kubernetes Secret stores sensitive information such as passwords, API tokens, and TLS certificates. Secrets are base64-encoded (not encrypted by default) and stored in etcd. Enable etcd encryption at rest and use external secret managers (Vault, AWS Secrets Manager via External Secrets Operator) for production security. Secrets are consumed by pods as environment variables or file volume mounts. Avoid putting secrets in container images or Git repositories.

Related Terms

ConfigMap Vault (HashiCorp)Pod

More Kubernetes Terms

Admission Controller

A Kubernetes plugin that intercepts API requests before objects are persisted.

Auto Scaling

Automatically adjusting the number of compute resources based on demand.

ClusterIP

The default Kubernetes Service type that exposes a service on an internal cluster IP.

ConfigMap

A Kubernetes object for storing non-sensitive configuration data as key-value pairs.

Controller Manager

Kubernetes control plane component running control loops to maintain desired state.

CoreDNS

The default DNS server in Kubernetes clusters for service discovery.

Test your knowledge of Secret and 130 other DevOps concepts

Interview Prep Full Glossary