Moritz Johner

External Secrets Operator: the secrets management toolbox for self-sufficient teams

How do you solve the 'first secret' problem in Kubernetes? Learn how the External Secrets Operator uses cloud IAM to securely bridge any vault to your applications.

External Secrets Operator: the secrets management toolbox for self-sufficient teams
#1about 2 minutes

Understanding the fundamentals of secrets management

Secrets management deals with the complete lifecycle of credentials like API keys and passwords to prevent sensitive data exposure.

#2about 4 minutes

A framework for classifying different types of secrets

Secrets can be categorized by their expiry, creation method, dependencies, and consumer type, which dictates how they should be managed.

#3about 4 minutes

Centralizing secrets from development, CI/CD, and production

Using a central vault like HashiCorp Vault or AWS Secrets Manager provides control, auditing, and a consistent API for all environments.

#4about 2 minutes

Overcoming common challenges in secrets management

Key challenges include secret sprawl, complex lifecycle management, poor tooling integration, and users not following security best practices.

#5about 3 minutes

Introducing the External Secrets Operator for Kubernetes

External Secrets Operator (ESO) is a CNCF project that synchronizes secrets from an external provider into native Kubernetes secrets.

#6about 4 minutes

Understanding the core concepts and CRDs of ESO

ESO uses SecretStore and ExternalSecret custom resources to define the connection to a provider and specify which secrets to fetch.

#7about 5 minutes

Using advanced ESO features for complex use cases

ESO supports advanced features like zero-configuration authentication, templating for config files, and multi-tenant isolation across different cloud accounts.

#8about 5 minutes

Q&A on pod restarts, SOPS, and caching benefits

The operator doesn't restart pods automatically, offers a smaller attack surface than SOPS in Git, and acts as a caching layer for high availability.

Related jobs
Jobs that call for the skills explored in this talk.

test

Milly
Vienna, Austria

Intermediate

test

Milly
Vienna, Austria

Intermediate

Matching moments

Managing secrets with external secret managers
31:09 MIN

Managing secrets with external secret managers

Securing secrets in the GitOps Era

Integrating external secret managers into Kubernetes
38:03 MIN

Integrating external secret managers into Kubernetes

Securing secrets in the GitOps Era

Encrypting secrets in Git with Sealed Secrets
12:32 MIN

Encrypting secrets in Git with Sealed Secrets

Securing secrets in the GitOps Era

Q&A on GitOps secret management practices
40:22 MIN

Q&A on GitOps secret management practices

Securing secrets in the GitOps Era

Using Sealed Secrets to safely store secrets in Git
18:06 MIN

Using Sealed Secrets to safely store secrets in Git

Securing Secrets in the GitOps era

Q&A: GitOps, CI tools, and security management
42:23 MIN

Q&A: GitOps, CI tools, and security management

GitOps: The past, present and future

Securely handing over credentials and application secrets
28:35 MIN

Securely handing over credentials and application secrets

SRE Methods In an Agency Environment

Integrating an external KMS for robust etcd encryption
31:24 MIN

Integrating an external KMS for robust etcd encryption

Securing Secrets in the GitOps era

Featured Partners

Related Videos

See all videos
Securing secrets in the GitOps Era58:52

Securing secrets in the GitOps Era

Davide Imola

Securing Secrets in the GitOps era58:57

Securing Secrets in the GitOps era

Alex Soto

Best Practices for Using GitHub Secrets36:33

Best Practices for Using GitHub Secrets

Marcel Lupo

Chaos in Containers - Unleashing Resilience27:52

Chaos in Containers - Unleashing Resilience

Maish Saidel-Keesing

Operating etcd for Managed Kubernetes21:43

Operating etcd for Managed Kubernetes

Mario Valderrama

From Factory Floor to Kubernetes Core: Building an Edge Platform One Step at a Time17:34

From Factory Floor to Kubernetes Core: Building an Edge Platform One Step at a Time

Dean Oren & Stefan Belsch

Kubernetes Security Best Practices23:08

Kubernetes Security Best Practices

Rico Komenda

Kubernetes Maestro: Dive Deep into Custom Resources to Unleash Next-Level Orchestration Power!29:21

Kubernetes Maestro: Dive Deep into Custom Resources to Unleash Next-Level Orchestration Power!

Um e Habiba

Related Articles

View all articles
BB
Benedikt Bischof
MLOps – What’s the deal behind it?
Welcome to this issue of the WeAreDevelopers Live Talk series. This article recaps an interesting talk by Nico Axtmann who introduced us to MLOpsAbout the speaker:Nico Axtmann is a seasoned machine learning veteran. Starting back in 2014 he observed ...
MLOps – What’s the deal behind it?
Learning Kubernetes made easy with KubeCampus
Learning to use Kubernetes? KubeCampus by Kasten offers free educational content for all skill levels to get you started!Kubernetes is an open-source system for deploying, scaling and managing containerized applications. It allows you to deploy your ...
Learning Kubernetes made easy with KubeCampus
CH
Chris Heilmann
Dev Digest 131 - AI'm not sure about OSS
News and ArticlesRust and Typescript are rising stars in programming languages 2024 survey, the State of CSS 2024 survey is open and here is what's new in ECMAScript.In security news, a Microsoft update bricks Linux dual-boot systems, they patched a ...
Dev Digest 131 - AI'm not sure about OSS

From learning to earning

Jobs that call for the skills explored in this talk.