Does anyone know in which case choose Kubernetes secrets instead of google secret manager and the reverse ? Differences between the two ?
GKE Secrets OR Google Secret manager
3.9k Views Asked by DE_WMA At
2
There are 2 best solutions below
Related Questions in GOOGLE-CLOUD-PLATFORM
- How to use Machine Learning model in objective-C with CoreML
- Alternative to Lambda layer in Keras
- How can I use half floats with CoreML neural nets?
- iOS 11 using vision framework VNDetectRectanglesRequest to do object detection not precisely?
- CoreML output type
- Stanford dataset to CoreML
- How to tap on object from an image and track it from sequence of images using Vision and Core ML framework
- MobileNet vs SqueezeNet vs ResNet50 vs Inception v3 vs VGG16
- Coreml: Model class has not been generated yet
- AVCaptureVideo not showing label
Related Questions in GOOGLE-KUBERNETES-ENGINE
- How to use Machine Learning model in objective-C with CoreML
- Alternative to Lambda layer in Keras
- How can I use half floats with CoreML neural nets?
- iOS 11 using vision framework VNDetectRectanglesRequest to do object detection not precisely?
- CoreML output type
- Stanford dataset to CoreML
- How to tap on object from an image and track it from sequence of images using Vision and Core ML framework
- MobileNet vs SqueezeNet vs ResNet50 vs Inception v3 vs VGG16
- Coreml: Model class has not been generated yet
- AVCaptureVideo not showing label
Related Questions in KUBERNETES-SECRETS
- How to use Machine Learning model in objective-C with CoreML
- Alternative to Lambda layer in Keras
- How can I use half floats with CoreML neural nets?
- iOS 11 using vision framework VNDetectRectanglesRequest to do object detection not precisely?
- CoreML output type
- Stanford dataset to CoreML
- How to tap on object from an image and track it from sequence of images using Vision and Core ML framework
- MobileNet vs SqueezeNet vs ResNet50 vs Inception v3 vs VGG16
- Coreml: Model class has not been generated yet
- AVCaptureVideo not showing label
Related Questions in GOOGLE-SECRET-MANAGER
- How to use Machine Learning model in objective-C with CoreML
- Alternative to Lambda layer in Keras
- How can I use half floats with CoreML neural nets?
- iOS 11 using vision framework VNDetectRectanglesRequest to do object detection not precisely?
- CoreML output type
- Stanford dataset to CoreML
- How to tap on object from an image and track it from sequence of images using Vision and Core ML framework
- MobileNet vs SqueezeNet vs ResNet50 vs Inception v3 vs VGG16
- Coreml: Model class has not been generated yet
- AVCaptureVideo not showing label
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
With Kubernetes secret (K8S Secret), you use a built in feature of K8S. You load your secrets in config maps, and you mount them on the pods that require them.
PRO
If a day you want to deploy on AWS, Azure or on prem, still on K8S, the behavior will be the same, no update to perform in your code.
CONS
The secrets are only accessible by K8S cluster, impossible to reuse them with another GCP services
Note: With GKE, no problem the ETCD component is automatically encrypted with a key form KMS service to keep the secret encrypted at rest. But, it's not always the same for every K8S installation, especially on premise, where the secrets are kept in plain text. Be aware about this part of the security.
Secret Manager is a vault managed by Google. You have API to read and write them and the IAM service checks the authorization.
PRO
It's a Google Cloud service and you can access it from any GCP services (Compute Engine, Cloud Run, App Engine, Cloud Functions, GKE,....) as long as you are authorized for
CONS
It's Google Cloud specific product, you are locked in.