Bird
0
0

A developer accidentally included sensitive passwords in a ConfigMap. What is the best fix?

medium📝 Troubleshoot Q7 of 15
Kubernetes - ConfigMaps
A developer accidentally included sensitive passwords in a ConfigMap. What is the best fix?
ADelete the ConfigMap and recreate it as a Secret
BEncrypt the ConfigMap with a password
CLeave the ConfigMap as is and restrict Pod access
DStore passwords in environment variables directly
Step-by-Step Solution
Solution:

  1. Step 1: Identify proper storage for sensitive data

    Secrets are designed for sensitive info; ConfigMaps are not secure.

  2. Step 2: Apply best practice to fix the issue

    Delete the ConfigMap and recreate as Secret to protect passwords.

  3. Final Answer:

    Delete the ConfigMap and recreate it as a Secret -> Option A

  4. Quick Check:

    Sensitive data belongs in Secrets [OK]
Quick Trick: Use Secrets for sensitive data, not ConfigMaps [OK]
Common Mistakes:
  • Trying to encrypt ConfigMaps manually
  • Ignoring sensitive data exposure
  • Storing passwords directly in env vars

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Kubernetes Quizzes
ConfigMaps - Updating ConfigMaps and propagation - Quiz 9hard ConfigMaps - Using ConfigMaps as environment variables - Quiz 4medium ConfigMaps - Updating ConfigMaps and propagation - Quiz 3easy Health Checks and Probes - Startup probe concept - Quiz 4medium Networking - DNS in Kubernetes (CoreDNS) - Quiz 13medium Persistent Storage - StatefulSets for stateful applications - Quiz 12easy Persistent Storage - Why persistent storage matters in Kubernetes - Quiz 7medium Resource Management - Memory requests and limits - Quiz 6medium Scheduling - Node affinity and anti-affinity - Quiz 14medium Secrets - Why Secrets manage sensitive data - Quiz 4medium