0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Kubernetes Secrets Handbook

You're reading from Kubernetes Secrets Handbook Design, implement, and maintain production-grade Kubernetes Secrets management solutions

Product type Paperback

Published in Jan 2024

Publisher

ISBN-13 9781805123224

Length 294 pages

Edition 1st Edition

Tools

Kubernetes

Concepts

Design

Authors (3):

Chen Xi

Emmanouil Gkatziouras

Rom Adams

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1:Introduction to Kubernetes Secrets Management FREE CHAPTER

2. Chapter 1: Understanding Kubernetes Secrets Management

3. Chapter 2: Walking through Kubernetes Secrets Management Concepts

4. Chapter 3: Encrypting Secrets the Kubernetes-Native Way

5. Chapter 4: Debugging and Troubleshooting Kubernetes Secrets

6. Part 2: Advanced Topics – Kubernetes Secrets in a Production Environment

7. Chapter 5: Security, Auditing, and Compliance

8. Chapter 6: Disaster Recovery and Backups

9. Chapter 7: Challenges and Risks in Managing Secrets

10. Part 3: Kubernetes Secrets Providers

11. Chapter 8: Exploring Cloud Secret Store on AWS

12. Chapter 9: Exploring Cloud Secret Store on Azure

13. Chapter 10: Exploring Cloud Secret Store on GCP

14. Chapter 11: Exploring External Secret Stores

15. Chapter 12: Integrating with Secret Stores

16. Chapter 13: Case Studies and Real-World Examples

17. Chapter 14: Conclusion and the Future of Kubernetes Secrets Management

18. Index

Why subscribe?

19. Other Books You May Enjoy

Auditing and logging

Google Cloud comes with logging and auditing out-of-the-box. Once we provision a Kubernetes cluster, all the operations will be visible through the logging console.

Suppose we create a secret on the cluster we provisioned previously:

$ kubectl create secret generic empty-secret

This action will be logged on the audit logs of GKE, and all we must do is search the logging console on GCP using the following query:

protoPayload.methodName="io.k8s.core.v1.secrets.create"
protoPayload.@type="type.googleapis.com/google.cloud.audit.AuditLog"
resource.type="k8s_cluster"

As a result, we should see all the operations upon accessing Secrets:

Figure 10.1 – Kubernetes audit logs on GKE

Figure 10.1 – Kubernetes audit logs on GKE

Apart from audit logs on Kubernetes, we can also utilize the audit logs on Secret Manager. On the logging screen of GCP, we can search specifically for audit logs:

resource.type="audited_resource" AND...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (3)

Emmanouil Gkatziouras

Emmanouil Gkatziouras

Emmanouil Gkatziouras started his career in software as a Java developer. Since 2015, he has worked daily with cloud providers such as GCP, AWS and Azure, and container orchestration tools such as Kubernetes. He has fulfilled many roles, either in lead positions or as an individual contributor. He enjoys being a versatile engineer and collaborating with development, platform, and architecture teams. He loves to give back to the developer community by contributing to open-source projects and by blogging on various software topics. He is committed to continuous learning and is a holder of certifications such as CKA, CCDAK, PSM, CKAD, and PSO. He is the author of ‘A Developer's Essential Guide to Docker Compose'.

See other products by Emmanouil Gkatziouras

Chen Xi

Chen Xi

Chen Xi is a highly skilled Uber Platform Engineer. As a Tech Leader, he contributed to the Secret and Key Management Platform service, leading and delivering secrets as a service with a 99.99% SLA for thousands of Uber container services across hybrid environments. His cloud infrastructure prowess is evident from his work on Google Kubernetes Engine (GKE) and the integration of Spire-based PKI systems. Prior to joining Uber, he worked at VMware, where he developed microservices for VMware's Hybrid Kubernetes management platform (Tanzu Mission Control) and VMware Kubernetes Engine for multi-cloud (Cloud PKS). Chen is also a contributing author to the Certified Kubernetes Security Specialist (CKS) exam.

See other products by Chen Xi

Rom Adams

Rom Adams

Rom Adams (né Romuald Vandepoel) is an open-source and C-Suite advisor with 20 years of experience in the IT industry. He is a cloud-native expert who helps organizations to modernize and transform with open-source solutions. He is advising companies and lawmakers on their open- and inner-source strategies. Previously, a Principal Architect at Ondat, a cloud-native storage company acquired by Akamai, where he designed products and hybrid cloud solutions and held roles at Tyco, NetApp, and Red Hat becoming a subject matter expert in hybrid cloud. He was moderator and speaker for several events, sharing his insights on culture, process, technology adoption, and passion about open innovation.

See other products by Rom Adams

Personalised recommendations for you

Based on your interests and search pattern

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m