• Keeping the terraform state in a Kubernetes Secret

    2 min read

    terraform state Kubernetes Secret

    Storing the terraform state into a S3 bucket with dynamoDB for locking has become the de facto standard for being able to share the state across an organization. Nevertheless, there are interesting alternatives: We can use a Kubernetes Secret

    19/04/2022

    Read more...
  • Managing (safely) Secrets as Code with sops and terraform

    3 min read

    Terraform Secret as code sops git

    If you are using Infrastructure as Code you've realized there is something it shouldn't be on a git repository: That's the secrets, we should never store clear-text secrets on a git repository, not even if it's a private repository: Anyone with access to that repository could get them.

    How can we securely create secrets as code into the AWS Secrets Manager using terraform?

    15/02/2022

    Read more...
  • Using AWS Secrets Manager secrets and Systems Manager parameters in Kubernetes with KES

    4 min read

    By using the Kubernetes External Secrets we can use external secret management systems, like AWS Secrets Manager or Vault, to securely add secrets in Kubernetes.

    This is achieved by by using the ExternalSecret object which declares how to fetch the secret data, while the KES controller converts the ExternalSecrets to Secrets. The conversion is completely transparent to Pods that can access Secrets normally.

    29/11/2021

    Read more...
  • Setting secret into a environment variable

    2 min read

    kubernetes secret environment variable pod deployment

    Although it's not a best practice to feed secrets into environment variables it's still something that it is possible to do. Let's take a glance on how to do it

    05/03/2021

    Read more...
  • Access kubernetes secrets as volumes

    2 min read

    kubernetes secret volume pod deployment mount

    To be able to use a secret on a deployment (or generally speaking, any pod) we can choose to share it by using either volumes or environment variables. Let's take a look hwo it would look like using an volume mount

    05/01/2021

    Read more...

From pet to cattle
Treat your kubernetes clusters like cattle, not pets