beginner

What is Secrets encryption at rest in Kubernetes?

It means protecting secret data stored on disk by encrypting it, so if someone accesses the storage, they cannot read the secrets without the encryption key.

Click to reveal answer

beginner

Which Kubernetes component manages Secrets encryption at rest?

The Kubernetes API server handles encryption and decryption of secrets when storing or retrieving them from etcd.

Click to reveal answer

beginner

Name the file where Kubernetes stores secrets that can be encrypted at rest.

Secrets are stored in etcd, the key-value store used by Kubernetes.

Click to reveal answer

intermediate

What is the purpose of the EncryptionConfiguration file in Kubernetes?

It tells the API server how to encrypt secrets at rest, including which encryption providers and keys to use.

Click to reveal answer

intermediate

List one common encryption provider used for Kubernetes secrets encryption at rest.

One common provider is aescbc, which uses AES encryption in CBC mode.

Click to reveal answer

Where are Kubernetes secrets stored when encrypted at rest?

AIn the container image

BIn the pod's environment variables

CIn the etcd key-value store

DOn the user's local machine

Which Kubernetes component is responsible for encrypting secrets before saving them?

AAPI server

BScheduler

CController manager

DKubelet

What file configures the encryption method for Kubernetes secrets at rest?

ADockerfile

Bkubeconfig file

CPod manifest file

DEncryptionConfiguration file

Which encryption provider is commonly used for Kubernetes secrets encryption?

Arsa

Baescbc

Csha256

Dmd5

Why is encrypting secrets at rest important?

ATo protect secrets if storage is accessed by unauthorized users

BTo speed up pod startup time

CTo reduce network traffic

DTo make secrets visible in logs

Explain how Kubernetes encrypts secrets at rest and which components are involved.

Describe the steps to enable secrets encryption at rest in a Kubernetes cluster.