What are Secrets?

Like Kubernetes secrets, vCluster Platform secrets are intended to hold confidential data in the form of key/value pairs. vCluster Platform extends Kubernetes secrets by allowing global or project-level management of secret data, managing which users and teams can access secrets, and synchronizing secret data across multiple clusters and the spaces and virtual clusters on those clusters. After you create vCluster Platform secrets, you can create native Kubernetes secrets with labels that tell vCluster Platform to synchronize their data with the vCluster Platform secrets. Once this synchronization is configured, the secret data can be mounted through the native secret as usual, while it is managed at the project or global level through vCluster Platform secrets.

Project Secrets

Project secrets are scoped to a project and implicitly allow access only to members of that project. Once a project secret is created, native Kubernetes secrets that synchronize to the project secret can be created in spaces and virtual clusters that belong to the project. This provides a convenient way to manage secret data for all members of the project. For more information on creating project secrets, see creating project secrets.

Global Secrets

Global secrets, or shared secrets, can be synchronized across all spaces in clusters registered with vCluster Platform. Additionally, global secrets can be used to synchronize project secrets. This allows organization-wide management of secrets shared across multiple projects. Like project secrets, global secrets can be the synchronization target of native Kubernetes secrets directly; however, this synchronization only works for secrets defined in spaces, not in virtual clusters. For more information on creating global secrets, see creating global secrets.