k8s part 6 (security)

Question 1

what are secrets in k8s?

Answer 1

secrets are used to store and manage sensitive information, such as passwords, token or a key, Instead of hardcoding this sensitive data in your application code.

Question 2

what are the disadvantages of hard coding sensitive data in your application?

Answer 2

• Anyone with access can get to the data
• developer will always need this data if image has to be modified.
• Any update of the data will require a new image for the application

Question 3

what are some other solutions for storing sensitive data ?

Answer 3

• AWS Secrets Manager
• HashiCorp Vault
• Azure Key Vault

Question 4

List some types of secret?

Answer 4

• generic
• docker registry
• TLS
• Service Account Tokens
• Basic Authentication Secrets
• SSH Auth Secret
  -Opaque Secrets

Question 5

what are the two ways you can mount secrets to a pod?

Answer 5

• volume
• environment variables

Question 6

what are configmaps?

Answer 6

a ConfigMap is a way to store configuration settings for applications in Kubernetes. Instead of hardcoding these settings into your application, you can put them in a ConfigMap, which makes it easier to manage and change the settings without having to modify the application code itself.

Question 7

when you dont specify a service type, which one does k8s use by default?

Answer 7

clusterIP

Question 8

what property do you use when setting an environment variable in k8s?

Answer 8

• env
• example name: app
  value: nginx

Question 9

configmaps store information in plain text T or F ?

Answer 9

T