Overview of Secret injection solutions

Secrets management in a cloud/Kubernetes and CI/CD context is crucial and should cover various aspects, such as:

  • maintaining secrets securely and avoiding persistence in insecure repositories such as git
  • administering access using RBAC and enabling segregation of duties
  • life cycle management of secrets
  • injecting secrets automatically into the application runtime

Existing solutions provide features for some of the aspects mentioned above. One of the most widespread is HashiCorp Vault, which provides a way to manage and protect secrets. Additional extensions and open source solutions interact with HashiCorp Vault to inject secrets into an application context running in a Kubernetes/OpenShift runtime. This article explains some of the options and ends with a comparison.
