9fa54fe44e
Change-Id: I1cfdc44fb72907e9e34294194084c59e29d8d80a Signed-off-by: Suzana Fernandes <Suzana.Fernandes@windriver.com>
17 lines
521 B
ReStructuredText
17 lines
521 B
ReStructuredText
|
|
.. dxx1582118922443
|
|
|
|
.. _encrypt-kubernetes-secret-data-at-rest:
|
|
|
|
======================================
|
|
Encrypt Kubernetes Secret Data at Rest
|
|
======================================
|
|
|
|
By default, |prod| configures the kube-apiserver to encrypt or decrypt the
|
|
data in the Kubernetes 'Secret' resources in / from the 'etcd' database.
|
|
|
|
This protects sensitive information in the event of access to the 'etcd'
|
|
database being compromised. The encryption and decryption operations are
|
|
transparent to the Kubernetes API user.
|
|
|