|
|
|
|
|
|
by boarnoah
720 days ago
|
|
|
That doesn't cover what the GP was talking about with > (i.e. if someone were to gain access to a running Kubernetes container) right? Since those would still be secrets available in the env. I get that if someone has access to read your envvars, its a foregone conclusion already (about how compromised you are). However IIUC, the part of the point of doing things in memory with reading secrets (like with a Secrets Manager, is to eliminate having to keep secrets around as envvars/secret files in the runtime? |
|
|