How can HashiCorp Vault handle more better way than sealed secrets in Kubernetes?

ghkgupta · April 16, 2021, 8:57am

I am just few miles away to bring HashiCorp Vault into my organization but the question I need to answer was,

How can HashiCorp Vault do more better way than sealed secrets in Kubernetes?

Unfortunately, I have no idea how sealed secrets really work but got some understanding from the article here,

Bitnami Engineering: Sealed Secrets: Protecting your passwords before they reach Kubernetes.

Note: I made a presentation to my team touching the main areas of vault with the demo sessions.

Please show few pointers.

jeffsanicola · April 16, 2021, 12:11pm

These tutorials for integrating Vault with Kube might help:

adeelahmad84 · April 20, 2021, 12:06pm

@ghkgupta

in short: sealed secrets are stored in repos, thus sprawled, danger of exposure by accidentally committing to the repo before applying sealed-secrets.

Vault: secrets are centralised, identity based authentication, audited on checkout, using dynamic secrets ensure secrets are short-lived, no secrets live in repos.

Topic		Replies	Views
How to use Hashicorp Vault with NodeJS application? Vault	10	3381	October 15, 2024
Setting up vault Vault	1	204	May 17, 2023
Balancing Vault Security and Workload Availability in Kubernetes: Best Practices? Vault	0	12	October 14, 2024
Kubernetes Vault and Secrets Vault	7	752	February 24, 2020
Recommended auth from apps to access secrets? Vault	5	1005	June 11, 2019

How can HashiCorp Vault handle more better way than sealed secrets in Kubernetes?

Related topics