27 lines
970 B
Markdown
27 lines
970 B
Markdown
---
|
|
title: Secret
|
|
id: secret
|
|
date: 2018-04-12
|
|
full_link: /docs/concepts/configuration/secret/
|
|
short_description: >
|
|
Stores sensitive information, such as passwords, OAuth tokens, and ssh keys.
|
|
|
|
aka:
|
|
tags:
|
|
- core-object
|
|
- security
|
|
---
|
|
Stores sensitive information, such as passwords, OAuth tokens, and SSH keys.
|
|
|
|
<!--more-->
|
|
|
|
Secrets give you more control over how sensitive information is used and reduces
|
|
the risk of accidental exposure. Secret values are encoded as base64 strings and
|
|
are stored unencrypted by default, but can be configured to be
|
|
[encrypted at rest](/docs/tasks/administer-cluster/encrypt-data/#ensure-all-secrets-are-encrypted).
|
|
|
|
A {{< glossary_tooltip text="Pod" term_id="pod" >}} can reference the Secret in
|
|
a variety of ways, such as in a volume mount or as an environment variable.
|
|
Secrets are designed for confidential data and
|
|
[ConfigMaps](/docs/tasks/configure-pod-container/configure-pod-configmap/) are
|
|
designed for non-confidential data. |