Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Kubernetes Secrets Handbook
  • Table Of Contents Toc
Kubernetes Secrets Handbook

Kubernetes Secrets Handbook

By : Emmanouil Gkatziouras, Rom Adams, Chen Xi
5 (5)
Buy this Book
close
close
Kubernetes Secrets Handbook

Kubernetes Secrets Handbook

5 (5)
By: Emmanouil Gkatziouras, Rom Adams, Chen Xi
Buy this Book

Overview of this book

Securing Secrets in containerized apps poses a significant challenge for Kubernetes IT professionals. This book tackles the critical task of safeguarding sensitive data, addressing the limitations of Kubernetes encryption, and establishing a robust Secrets management system for heightened security for Kubernetes. Starting with the fundamental Kubernetes architecture principles and how they apply to the design of Secrets management, this book delves into advanced Kubernetes concepts such as hands-on security, compliance, risk mitigation, disaster recovery, and backup strategies. With the help of practical, real-world guidance, you’ll learn how to mitigate risks and establish robust Secrets management as you explore different types of external secret stores, configure them in Kubernetes, and integrate them with existing Secrets management solutions. Further, you'll design, implement, and operate a secure method of managing sensitive payload by leveraging real use cases in an iterative process to enhance skills, practices, and analytical thinking, progressively strengthening the security posture with each solution. By the end of this book, you'll have a rock-solid Secrets management solution to run your business-critical applications in a hybrid multi-cloud scenario, addressing operational risks, compliance, and controls.
Table of Contents (20 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Download the example code files
Icon
Conventions used
Icon
Get in touch
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book
Lock Free Chapter
1
Part 1:Introduction to Kubernetes Secrets Management
Icon
Part 1:Introduction to Kubernetes Secrets Management
2
Chapter 1: Understanding Kubernetes Secrets Management
Icon
Chapter 1: Understanding Kubernetes Secrets Management
Icon
Technical requirements
Icon
Understanding Kubernetes’ origins and design principles
Icon
Summary
3
Chapter 2: Walking through Kubernetes Secrets Management Concepts
Icon
Chapter 2: Walking through Kubernetes Secrets Management Concepts
Icon
Technical requirements
Icon
What are Kubernetes Secrets, and how do they differ from other Kubernetes objects?
Icon
Different types of Secrets and their usage scenarios
Icon
Creating, modifying, and deleting Secrets in Kubernetes
Icon
Kubernetes Secrets configuration in different deployment scenarios
Icon
Requirement for managing Secrets, including secure storage and access control
Icon
Securing access to Secrets with RBAC
Icon
Auditing and monitoring secret usage
Icon
Summary
4
Chapter 3: Encrypting Secrets the Kubernetes-Native Way
Icon
Chapter 3: Encrypting Secrets the Kubernetes-Native Way
Icon
Technical requirements
Icon
Kubernetes-native encryption
Icon
Going further with securing etcd
Icon
Summary
5
Chapter 4: Debugging and Troubleshooting Kubernetes Secrets
Icon
Chapter 4: Debugging and Troubleshooting Kubernetes Secrets
Icon
Technical requirements
Icon
Discussion of common issues with Kubernetes Secrets
Icon
Debugging and troubleshooting Secrets
Icon
Best practices for debugging and troubleshooting Secrets
Icon
Summary
6
Part 2: Advanced Topics – Kubernetes Secrets in a Production Environment
Icon
Part 2: Advanced Topics – Kubernetes Secrets in a Production Environment
7
Chapter 5: Security, Auditing, and Compliance
Icon
Chapter 5: Security, Auditing, and Compliance
Icon
Technical requirements
Icon
Cybersecurity versus cyber risk
Icon
Compliance standards
Icon
Adopting a DevSecOps mindset
Icon
Tools
Icon
Summary
8
Chapter 6: Disaster Recovery and Backups
Icon
Chapter 6: Disaster Recovery and Backups
Icon
Technical requirements
Icon
Introduction to Secrets disaster recovery and backups
Icon
Backup strategies for Kubernetes Secrets
Icon
Secrets versioning and backup considerations
Icon
Security guidance for backup
Icon
Tools and solutions for backing up Kubernetes Secrets
Icon
Disaster recovery for Kubernetes Secrets
Icon
Summary
9
Chapter 7: Challenges and Risks in Managing Secrets
Icon
Chapter 7: Challenges and Risks in Managing Secrets
Icon
Technical requirements
Icon
Grasping the complexities of Secrets management systems
Icon
General security risks in Secrets management
Icon
Challenges and risks in managing Secrets for Kubernetes
Icon
Mitigation strategies
Icon
Summary
10
Part 3: Kubernetes Secrets Providers
Icon
Part 3: Kubernetes Secrets Providers
11
Chapter 8: Exploring Cloud Secret Store on AWS
Icon
Chapter 8: Exploring Cloud Secret Store on AWS
Icon
Technical requirements
Icon
Overview of AWS Secrets Manager
Icon
Secrets Store CSI Driver
Icon
Integrating AWS Secrets Manager with EKS
Icon
Auditing
Icon
KMS for AWS Secrets encryption
Icon
Summary
12
Chapter 9: Exploring Cloud Secret Store on Azure
chevron up
Icon
Chapter 9: Exploring Cloud Secret Store on Azure
Icon
Technical requirements
Icon
Overview of Azure Key Vault
Icon
Introduction to Workload Identity
Icon
Integrating an AKS cluster and Azure Key Vault
Icon
Auditing and logging
Icon
Azure Key Vault for secret encryption
Icon
Summary
13
Chapter 10: Exploring Cloud Secret Store on GCP
Icon
Chapter 10: Exploring Cloud Secret Store on GCP
Icon
Technical requirements
Icon
Overview of GCP Secret Manager
Icon
Introduction to Workload Identity
Icon
Integrating GKE and GCP Secret Manager
Icon
Auditing and logging
Icon
Integrating GKE and KMS
Icon
Summary
14
Chapter 11: Exploring External Secret Stores
Icon
Chapter 11: Exploring External Secret Stores
Icon
Technical requirements
Icon
Overview of external secret providers
Icon
HashiCorp Vault
Icon
CyberArk Conjur
Icon
Qualities for securely managing Secrets
Icon
Summary
15
Chapter 12: Integrating with Secret Stores
Icon
Chapter 12: Integrating with Secret Stores
Icon
Technical requirements
Icon
Configuring external secret stores in Kubernetes
Icon
Integrating with external secret stores
Icon
Security implications and best practices
Icon
Practical and theoretical balance
Icon
Summary
16
Chapter 13: Case Studies and Real-World Examples
Icon
Chapter 13: Case Studies and Real-World Examples
Icon
Technical requirements
Icon
Real-world examples of how Kubernetes Secrets are used in production environments
Icon
Secrets management from a CI/CD perspective
Icon
Lessons learned from real-world deployments
Icon
Managing the Secrets lifecycle from end to end in a Kubernetes production cluster
Icon
Summary
17
Chapter 14: Conclusion and the Future of Kubernetes Secrets Management
Icon
Chapter 14: Conclusion and the Future of Kubernetes Secrets Management
Icon
The current state of Kubernetes
Icon
The future state of Kubernetes
Icon
Continuous improvement
Icon
Summary
18
Index
Icon
Index
Icon
Why subscribe?
19
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share Your Thoughts
Icon
Download a free PDF copy of this book

Overview of Azure Key Vault

Azure Key Vault is a versatile service. It can be used as a secret storage. On Azure Key Vault, we can store cryptographic keys. Also, Azure Key Vault can be used to perform encryption and decryption operations.

Since it is a managed Azure service, it benefits from the features that Azure provides by default on its services.

The features of interest are as follows:

  • Azure RBAC and access policy
  • High availability
  • Logging, auditing, and monitoring
  • Integration with other Azure components

We will take some time to examine these features that are crucial to the security of our Secrets.

Azure RBAC and access policy

Every service on Azure is protected from unauthorized usage through an identity access management layer that Azure provides. This layer comes in the form of Azure’s RBAC and access policy. A security principal is an entity that has an identity on Azure and can be a user account, group account, or computer...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Kubernetes Secrets Handbook
End of Section 12
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon