Everyone is talking about microservices and serverless architecture and how to deploy them using cluster managers like Kubernetes. But, what about the secrets? The current trend increases the number of secrets required to run our services. This places a new level of maintenance on our security teams. How can we share and manage the secrets(certificates, passwords, SSH, API keys) for our services in this dynamic scenario, where instances are started automatically, where there are multiple instances of the same services for scalability reasons? Are you keeping up?
Java Champion, Red Hatter. Speaker, Teacher, CoAuthor of Testing Java Microservice, Quarkus Cookbook, Securing Kubernetes Secrets books.