In hybrid and multicloud environments, correct administration of delicate data-like secrets and techniques, credentials and certificates is vital to sustaining a strong safety posture throughout Kubernetes clusters. Whereas Kubernetes offers a Kube-native technique to handle secrets and techniques, it’s typically understood that Kubernetes secrets and techniques will not be notably secret: they’re base64 encoded and are accessible to cluster directors. Moreover, anybody with privileges to create a pod in a selected namespace can entry the secrets and techniques for that namespace. Whereas at-rest safety might be offered by encrypting delicate da