I am wondering about Kubernetes's secret management. I have a process that generates a lot of secrets that only need to live for a short while.
I would like for these secrets to come from Vault or a similar service in the future. However, for right now, I don't have the time to implement this.
If someone could provide me with the documentation or delineate the secret life cycle, it would be super helpful. Does Kubernetes have the means to garbage collect these secrets as it does with containers?
Likewise, I am wondering if there is a way to set cascading deletes, so that when this one resource disappears, so do its secrets?
Kubernetes has no notion of secret lifetime.
- You can implement a CronJob in charge of checking then deleting secrets in specific namespace(s) if the secret is older than a specific time.
- You can create all your secrets in a temporary namespace; destroying the namespace will destroy all the secrets associated with this namespace.
- Use Vault.
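
The age check such a CronJob would perform, as an added example that is not part of the original answer: it reads the JSON that `kubectl get secrets -o json` produces and selects only secrets that are older than a TTL and carry an opt-in label. The label `lifecycle=ephemeral`, the namespace and the sample data are assumptions constructed for illustration.

```python
import json
from datetime import datetime, timedelta, timezone

# Hypothetical opt-in label: only secrets carrying it are ever considered.
EPHEMERAL_LABEL = ("lifecycle", "ephemeral")

# Constructed sample shaped like `kubectl get secrets -n <ns> -o json` output.
SAMPLE = json.loads("""
{"kind": "List", "items": [
 {"metadata": {"name": "job-token-a", "namespace": "batch",
   "creationTimestamp": "2024-05-01T08:00:00Z",
   "labels": {"lifecycle": "ephemeral"}}, "type": "Opaque"},
 {"metadata": {"name": "job-token-b", "namespace": "batch",
   "creationTimestamp": "2024-05-01T11:45:00Z",
   "labels": {"lifecycle": "ephemeral"}}, "type": "Opaque"},
 {"metadata": {"name": "db-credentials", "namespace": "batch",
   "creationTimestamp": "2023-01-10T09:00:00Z"}, "type": "Opaque"},
 {"metadata": {"name": "no-timestamp", "namespace": "batch",
   "labels": {"lifecycle": "ephemeral"}}, "type": "Opaque"}
]}
""")

def expired_secrets(secret_list, max_age, now):
    """Return (namespace, name) of labelled secrets older than max_age."""
    key, value = EPHEMERAL_LABEL
    expired = []
    for item in secret_list.get("items", []):
        meta = item.get("metadata", {})
        if (meta.get("labels") or {}).get(key) != value:
            continue  # not opted in: long-lived secrets are never touched
        created = meta.get("creationTimestamp")
        if not created:
            continue  # unknown age: leave the secret alone
        born = datetime.strptime(created, "%Y-%m-%dT%H:%M:%SZ")
        born = born.replace(tzinfo=timezone.utc)  # API timestamps are UTC
        if now - born > max_age:
            expired.append((meta.get("namespace", "default"), meta["name"]))
    return expired

if __name__ == "__main__":
    now = datetime(2024, 5, 1, 12, 0, tzinfo=timezone.utc)  # fixed for the sample
    for ns, name in expired_secrets(SAMPLE, timedelta(hours=1), now):
        # What the CronJob would then run for each expired secret.
        print(f"kubectl delete secret {name} -n {ns}")
```

The CronJob's ServiceAccount needs only `list` and `delete` on secrets in the namespaces it cleans, which keeps the cleanup job from becoming a cluster-wide secret reader.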