Sealed Secrets - Bitnami

License: Apache 2.0

Sealed Secrets allow us to use cryptography on the cluster to transform what would be plaintext passwords in code into sealed secret objects which only the cluster can decode. The Sealed Secret operator takes all sealed secret objects and converts them into normal Kubernetes secrets for Applications to consume. The normal way of doing this is to use kubeseal.

Links

• Code: https://github.com/bitnami-labs/sealed-secrets

• Releases: https://github.com/bitnami-labs/sealed-secrets/releases

• Documentation:

  • General Documentation: https://github.com/bitnami-labs/sealed-secrets#readme
  • Upgrade Documentation: https://github.com/bitnami-labs/sealed-secrets#upgrade
  • Release Notes: https://github.com/bitnami-labs/sealed-secrets/blob/main/RELEASE-NOTES.md

• Helm:

  • Releases: https://bitnami-labs.github.io/sealed-secrets sealed-secrets
  • Helm Documentation: https://github.com/bitnami-labs/sealed-secrets#helm-chart

• Implementation:

  • eks-cluster: Install Sealed Secrets

  https://code.vt.edu/it-common-platform/infrastructure/eks-cluster/-/blob/main/cluster-bootstrap/sealed-secrets.tf

Update Concerns

Critical Concernsf

• Any loss of the signing secret will require those using sealed secrets to re-encrypt their sealed secrets

General Concerns