Secrets
Secrets management systems for Kubernetes and cloud environments — covering external provider sync, file-level encryption, and full-featured identity-based vaults.
← Knowledge Base
Topics
| Tool |
Description |
| External Secrets Operator |
Kubernetes operator that syncs secrets from external providers (Vault, AWS SM, GCP SM, Azure KV) into native K8s Secrets via CRDs. |
| SOPS |
CLI tool for encrypting structured files (YAML, JSON, ENV) in-place — the GitOps standard for secrets-in-Git using age, AWS KMS, or PGP. |
| HashiCorp Vault |
Industry-standard identity-based secrets management — dynamic secrets, encryption-as-a-service, PKI, and multi-backend replication. |
Comparisons