Secret Management in Managed Kubernetes Services

Purpose: Security and Privacy risks are increasing in the industry. Managed Kubernetes services help organizations to deploy micro service in the cloud. Securing the Secrets used by micro service applications in the cloud is a crucial topic. This paper studies how managed Kubernetes service industry secures the application Secrets in the cloud.

Design/Methodology/Approach: This study includes various Kubernetes service providers in the industry. The documentation available in the provider website and the published whitepapers are used to understand the Secret management technology.

Findings/Result: Software applications and their data are protected in managed cloud services using Secret keys. Across service providers, there is a trend and a common approach in managing the Secrets. External or remote services integration is an improvement area for the providers. Operators have the responsibility of protecting Secrets and ensuring it does not leak out.

Originality/Value: This paper studies the efforts of different vendors to protect the micro service Secrets. This ensures that the organization's critical assets are protected as per regulations and do not lead to financial losses. Cloud misconfiguration is one of the most common mistakes leading to security attacks, the knowledge of vendor's features helps to configure the cloud services securely.

Paper Type: Case study