What is the difference between secrets and configmaps?

Asked Apr 18 '18 at 13:05

Active Apr 18 '18 at 13:05

Viewed 537 times

Other then secrets having to be base64 encoded (which can be easily decoded) I am unaware of the differences between those two.

Is there any reason to not only rely on ConfigMaps to set secrets?

Are there security concerns?

asked Apr 18 '18 at 13:05

hibe

1

They serve different purposes. Secrets may be [encrypted at rest](https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/); and are for storing passwords, API keys, etc. Configmaps store config. There's usually no good reason to use one in place of the other, because they do have similar semantics and behaviors through the API and when mounted. – Anirudh Ramanathan Apr 18 '18 at 16:02
@AnirudhRamanathan "no good reason to use one in place of the other", what if the application has a line for password/token/accesskey in it's config file, but the rest of the config file has nothing to do with secrets except this one line? You do not control the app. – Andrew Savinykh Sep 07 '18 at 01:04

0 Answers0