Implementation of ESO (External Secret Operator) with Google Secret Manager 

In the previous blog, we discussed the significant role that ESO (External Secret Operator) plays within a Kubernetes cluster in handling sensitive information, and how it bridges the gap between the external secret manager and the Kubernetes cluster.

Today I’m going to discuss one of the problems that we faced on our client side in managing secrets in Kubernetes. Kubernetes only Base64-encodes Secret values, which is an encoding and not encryption, so anyone who has access to the Kubernetes cluster can easily read those secrets, and they can be compromised. To overcome this problem, we found a solution called ESO.

In this blog, I will walk you through how we implemented ESO in a GKE Kubernetes cluster using Google Secret Manager.

Introduction to External Secret Operator

In today’s digital world, the protection of sensitive information has become paramount. When working with microservice orchestration tools such as Kubernetes, it is important to handle secrets such as usernames and passwords, DB passwords, or API keys securely. Kubernetes has a built-in feature for managing secrets called Secrets. The downside of Secrets is that it doesn’t support storing or retrieving secrets from external secret management systems like AWS Secrets Manager, HashiCorp Vault, Google Secret Manager, Azure Key Vault, IBM Cloud Secrets Manager, and many more.

Moreover, external secret management provides encryption at rest, secret rotation policies, and more. So in this blog, we will talk about the open-source solution GoDaddy came up with, called External Secrets Operator.

What is External Secret Operator?

External Secrets Operator is a tool or component that extends the functionality of Kubernetes to manage external secrets in a more secure and efficient manner. It acts as a bridge between Kubernetes and external secret management systems, allowing you to securely store and retrieve secrets from external sources. It integrates with external secret providers such as HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, or other similar systems. This enables Kubernetes applications to access and utilize secrets stored in these external systems without exposing them directly within the cluster.
