The Kubernetes Dashboard allows users to see all secrets, including their raw values with just a couple clicks. These secrets will likely contain very sensitive data, such as production database passwords and private keys.
How do you limit users of the Dashboard, so that they can't see the sensitive data?
This is a known issue and it is simply not officially supported at the moment - the Dashboard is a super-user level administration tool. This should not be the case forever, but more help is needed to get it there.
There are some workarounds discussed in that issue thread that work currently. Here are some notable quirks around them to be aware of beforehand:
kubectl proxy
will be necessary without some browser plugin or MITM proxy to attach the needed auth to dashboard server calls but it is possible.