Kubernetes Secrets Cheat Sheet

The role of Kubernetes Secrets Object in Kubernetes is to let you store sensitive information in the Kubernetes Cluster.

Here are some useful command to manage Kubernetes Secret:

Delete existing Secrets

Command:

kubectl delete secret platform-dev

Create Secret

Content of dev.txt

MYKEY1=myvalue1
MYKEY2=myvalue2

Command:

kubectl create secret generic platform-dev --from-env-file=dev.txt

Command:

kubectl create secret generic timescale-db-backup-secret — from-file=GOOGLE_APPLICATION_CREDENTIALS=/tmp/db.json

Command:

kubectl create secret generic my-secret --from-literal=MYKEY=myvalue

Describe Secrets

Command:

kubectl describe secrets/platform-dev

Patch a new key-value in Secret

#Export Target Value
export SECRET_NAME=platform-dev
export KEY_NAME=mykey
export KEY_VALUE=`echo "myvalue" |  base64`
#Path the Key Value Pair 
kubectl patch secret $SECRET_NAME -p "{\"data\":{\"$KEY_NAME\":\"${KEY_VALUE}\"}}"
#Verify your changes
kubectl get secrets $SECRET_NAME --template={{.data.$KEY_NAME}} | base64 --decode

Get a value from a Secret

kubectl get secrets <SECRET_NAME> --template={{.data.<KEY_NAME>}} | base64 --decode

Get YAML Secrets (Values are base 64 Encoded)

kubectl get secrets/platform-dev -o yaml