Secret Management in Kubernetes: Approaches, Tools, and Best Practices

This page summarizes the projects mentioned and recommended in the original post on dev.to

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  • sealed-secrets

    A Kubernetes controller and tool for one-way encrypted Secrets

    Considering the major limitations of using Kubernetes Secrets, there are many new approaches being developed by the Kubernetes community. Kubernetes SIGs like the Secrets Store CSI Driver and solutions like the external secrets operator that works with third-party secret managers, and options to seal secrets through tools like bitnami’s sealed-secrets. To skip the tools and move directly to best practices, click here.

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  • secrets-store-csi-driver

    Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.

    Considering the major limitations of using Kubernetes Secrets, there are many new approaches being developed by the Kubernetes community. Kubernetes SIGs like the Secrets Store CSI Driver and solutions like the external secrets operator that works with third-party secret managers, and options to seal secrets through tools like bitnami’s sealed-secrets. To skip the tools and move directly to best practices, click here.

  • sops

    Simple and flexible tool for managing secrets

    Mozilla’s Secret Operations (SOPS) is an editor of secret files. It supports YAML, JSON, Binary, ENV, and INI formats and encrypts with an encryption key from your AWS KMS, GCP KMS, Azure Key Vault, age, and PGP.

  • etcd

    Distributed reliable key-value store for the most critical data of a distributed system

    etcd is not secure - etcd is where Kubernetes secrets are stored. Though etcd is a distributed key/value store with great performance, it lacks key features when it comes to handling sensitive data such as audit log, key rotation, and encryption of key.

  • helm-secrets

    A helm plugin that help manage secrets with Git workflow and store them anywhere

    ArgoCD users would have to build container images with SOPS baked in using Helm chart extensions or Kustomize extensions. Flux allows configuring sops directly into the Flux manifests.

  • kustomize-sops

    KSOPS - A Flexible Kustomize Plugin for SOPS Encrypted Resources

    ArgoCD users would have to build container images with SOPS baked in using Helm chart extensions or Kustomize extensions. Flux allows configuring sops directly into the Flux manifests.

  • sops-secrets-operator

    Kubernetes SOPS secrets operator

    sops-secrets-operator (sops)

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Storing secrets in distributed binaries?

    4 projects | /r/golang | 7 May 2023
  • GitOps and Kubernetes – Secure Handling of Secrets

    7 projects | dev.to | 18 Jan 2023
  • Boost Kubernetes Efficiency: Upgrade to v1.14 in 11 Easy Steps!

    1 project | dev.to | 9 Oct 2024
  • Etcd: A Distributed, Reliable Key-Value Store for Critical System Data

    1 project | news.ycombinator.com | 5 Sep 2024
  • Jepsen: Jetcd 0.8.2

    5 projects | news.ycombinator.com | 8 Aug 2024

Did you konow that Go is
the 4th most popular programming language
based on number of metions?