There is still a big pink elephant in the room. Yes perhaps you have finally encrypted the secrets storage system...but your application pods need those secrets to communicate with each other..and outside the cluster....and where are they going to store those secrets? locally? or what method to require application containers always make secure TLS calls to secrets server to make their outside calls.. of course thats at the very least going to be stored in memory for a moment..are we encrypting memory? another vault system on the pods/containers?? always more questions.
Thanks a lot for this video. The content of it is extremely helpful.
Super....very well explained.
There is still a big pink elephant in the room. Yes perhaps you have finally encrypted the secrets storage system...but your application pods need those secrets to communicate with each other..and outside the cluster....and where are they going to store those secrets? locally? or what method to require application containers always make secure TLS calls to secrets server to make their outside calls.. of course thats at the very least going to be stored in memory for a moment..are we encrypting memory? another vault system on the pods/containers?? always more questions.
i am still prefer bitnami sealed secrets
Do you know whether bitnami seal the secrets inside ETCD?