base64-is-not-encryption icon indicating copy to clipboard operation
base64-is-not-encryption copied to clipboard

Published 20 hours ago verified publisher icon sethvargo

Metadata

Demo repo showing Kubernetes secrets being sad

Base64 is not encryption

This document describes the steps for my demo to showcase how Kubernetes secrets are inherently insecure by default.

You probably want to check out the tutorial folder instead.

Setup

  1. Configure everything:

    $ ./bin/setup.sh

Demo

Default secrets

./bin/create-secret-default.sh

./bin/access-etcd-default.sh

Encrypted envelope

./bin/create-secret-vault.sh

./bin/access-etcd-vault.sh

Destroy

  1. Destroy everything:

    $ ./bin/destroy.sh

Metadata

31
Stars
2
Forks
Watchers

Owner

verified publisher icon sethvargo

Metadata

Demo repo showing Kubernetes secrets being sad

Back