Sealed Secrets

devsecops secrets-management

Encrypted secrets for secure GitOps by Bitnami

Prerequisites:

kubernetes

Pros and Cons

Ventajas

+ Secure secrets in Git
+ Asymmetric encryption
+ Only cluster can decrypt
+ Perfect for GitOps
+ Simple to use

Desventajas

- One secret per cluster
- No automatic rotation
- Re-seal if certificate changes
- Fewer features than Vault

Casos de Uso

GitOps with secrets in repo
Simple K8s secrets
CI/CD with secure secrets
Teams without Vault

Related Technologies

Related Tools

Kubernetes Argo CD Flux CD HashiCorp Vault

Alternatives

External Secrets Operator HashiCorp Vault SOPS