Secrets Management on EKS

Overview

Securely manage sensitive data like passwords, API keys, and certificates in EKS.

Topics

AWS Secrets Manager

Store and retrieve secrets using AWS Secrets Manager with IRSA

Sealed Secrets

GitOps-friendly secrets encrypted with public key

Comparison

Approach	Encryption	GitOps Friendly	Rotation
Kubernetes Secrets	Base64	No (plaintext in YAML)	Manual
AWS Secrets Manager	AWS KMS	No	Automatic
Sealed Secrets	Asymmetric	Yes	Manual

References

• EKS Workshop - Secrets Management