/

Manage application secrets

Manage application secrets

Anand Muthukrishnan

Anand Muthukrishnan

Nov 29, 2024

You can now manage application secrets such as API keys, certificates and auth tokens better inside App environments.

Secrets tab:

Go to Vars > Secrets tab to enter up to 100 secret key-value pairs. We encrypt and store them directly in your cloud account. In AWS, we store them as encrypted strings in SSM Parameter store.

Encrypted at rest:

All the key value pairs are then made available in your Kubernetes cluster under a single kubernetes secret to get referred by your application helm chart. You can refer the values and create environment variables in your helm chart like below:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      app: my-app
  template:
      annotations:
        rollme: {{ randAlphaNum 5 | quote }}
    metadata:
      labels:
        app: my-app
    spec:
      containers:
        - name: my-container
          image: nginx
          env:
            - name: MY_USERNAME # Environment variable name
              valueFrom:
                secretKeyRef:
                  name: app-secrets # Name of the secret
                  key: username # Key from the secret
            - name: MY_PASSWORD # Another environment variable
              valueFrom:
                secretKeyRef:
                  name: app-secrets # Name of the secret
                  key: password # Key from the secret

All secrets data are further encrypted at rest inside the kubernetes cluster. In AWS, this encryption is done using KMS.

Learn more at docs site.

Get started:

Sign up now for free at https://localops.co to make Private SaaS deployments / customer private deployments easy! If you would like to see a personalised demo, schedule a time now at our calendar here.