{"id":2654,"date":"2020-03-30T14:03:54","date_gmt":"2020-03-30T12:03:54","guid":{"rendered":"https:\/\/geko2.factoryfy.com\/kubernetes-external-secrets\/"},"modified":"2021-11-07T22:09:51","modified_gmt":"2021-11-07T21:09:51","slug":"kubernetes-external-secrets","status":"publish","type":"post","link":"https:\/\/geko.cloud\/en\/kubernetes-external-secrets\/","title":{"rendered":"Kubernetes external secrets"},"content":{"rendered":"<p>In this post we will talk about <strong><a href=\"https:\/\/geko.cloud\/en\/what-is-kubernetes\/\">Kubernetes<\/a> external secrets<\/strong>. It&#8217;s a project developed by the <a href=\"https:\/\/es.godaddy.com\/engineering\/2019\/04\/16\/kubernetes-external-secrets\/\"><strong>GoDaddy Engeneering Team<\/strong><\/a> that allows to use external secrets management systems to securely add secrets to your <a href=\"https:\/\/geko.cloud\/en\/what-is-kubernetes\/\">Kubernetes<\/a> cluster. At the time of writing, it supports the following backends:<\/p>\n<ul>\n<li>AWS Secrets Manager<\/li>\n<li>AWS System Manager<\/li>\n<li>GCP Secret Manager<\/li>\n<li>Azure Key Vault<\/li>\n<li>Hashicorp Vault<\/li>\n<\/ul>\n<p>With external secrets you will be able to use secrets created and stored in both secrets management systems as a centralized place to store all the secrets you need for your applications, CICD, etc. With this approach you will avoid to store secrets in different places and put sensitive data in your code repositories.<\/p>\n<figure id=\"attachment_5382\" aria-describedby=\"caption-attachment-5382\" style=\"width: 800px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-5382 size-large\" src=\"https:\/\/geko.cloud\/wp-content\/uploads\/2020\/03\/architecture-aws-1024x394.png\" alt=\"architecture aws\" width=\"800\" height=\"308\" srcset=\"https:\/\/geko.cloud\/wp-content\/uploads\/2020\/03\/architecture-aws-1024x394.png 1024w, https:\/\/geko.cloud\/wp-content\/uploads\/2020\/03\/architecture-aws-300x115.png 300w, https:\/\/geko.cloud\/wp-content\/uploads\/2020\/03\/architecture-aws-768x296.png 768w, https:\/\/geko.cloud\/wp-content\/uploads\/2020\/03\/architecture-aws-1536x591.png 1536w, https:\/\/geko.cloud\/wp-content\/uploads\/2020\/03\/architecture-aws.png 1990w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><figcaption id=\"caption-attachment-5382\" class=\"wp-caption-text\">Figure 1. External secrets architecture<\/figcaption><\/figure>\n<p>Figure 1 description:<\/p>\n<ol>\n<li>ExternalSecrets controller is added in the k8s cluster<\/li>\n<li>Controller fetches ExternalSecrets using the <a href=\"https:\/\/geko.cloud\/en\/what-is-kubernetes\/\">Kubernetes<\/a> API<\/li>\n<li>Controller uses ExternalSecrets to fetch secret data from external providers (e.g, AWS Secrets Manager)<\/li>\n<li>Controller upsert Secrets and\u00a0pods can access Secrets in their namespaces normally<\/li>\n<\/ol>\n<p>We use this software in different customers and it works flawlessly.<\/p>\n<p>Now, we will show you an example <strong>using AWS cloud infrastructure (EKS)<\/strong>\u00a0and you will see how easy is to implement this service.<\/p>\n<h2>Secret creation<\/h2>\n<p>First of all we will create the secret itself. For this example, we will use <strong>AWS Secrets Manager<\/strong> and we will create the secret using <strong>Cloudformation:<\/strong><\/p>\n<div class=\"wp-block-codemirror-blocks code-block\">\n<pre class=\"CodeMirror\" data-setting=\"{\">AWSTemplateFormatVersion: '2010-09-09'\r\nDescription: Secrets definitions\r\n\r\nParameters:\r\n  EnvName:\r\n    Description: 'Environment name'\r\n    Type: String\r\n\r\nResources:\r\n  DBCredentials:\r\n    Type: 'AWS::SecretsManager::Secret'\r\n    Properties:\r\n      Name: !Sub DB-${EnvName}\r\n      Description:\r\n        Fn::Join:\r\n        - ' - '\r\n        - - 'DB credentials'\r\n          - !Ref EnvName\r\n      SecretString: '\r\n        {\r\n          \"user\": \"myappuser\",\r\n          \"password\": \"changeme\"\r\n        } '<\/pre>\n<\/div>\n<p>In this example we&#8217;ve created the secret with password value <em>&#8216;changeme&#8217;<\/em> and you must change it after secret resource creation.\u00a0Remember that this yaml file will be stored in your preferred Git provider and we don&#8217;t want to store passwords in code repositories! \ud83d\ude09<\/p>\n<p><em><strong>TIP:\u00a0<\/strong>You can change the password manually via AWS Console for the first time and after that, for instance, you can implement a password automatic rotation. In this case, make sure that the password configured in your service also changes! For AWS RDS password rotation (that we used in this example) please read <a href=\"https:\/\/aws.amazon.com\/blogs\/security\/rotate-amazon-rds-database-credentials-automatically-with-aws-secrets-manager\/\">this<\/a>.<\/em><\/p>\n<h2>Deployment<\/h2>\n<p>Once we&#8217;ve created the secret with the correct password value, we will install external secrets in our EKS cluster. We will install it via helm package as follows:<\/p>\n<div class=\"wp-block-codemirror-blocks code-block\">\n<pre class=\"CodeMirror\" data-setting=\"{\"># First of all, we add external secrets repo\r\nhelm repo add external-secrets https:\/\/godaddy.github.io\/kubernetes-external-secrets\/\r\n\r\n# And we install the helm package. In this example, in kube-system namespace but you can install it where you want\r\nhelm upgrade --install \r\n    --namespace kube-system \r\n    external-secrets external-secrets\/kubernetes-external-secrets\r\n\r\n<\/pre>\n<\/div>\n<p>Probably, you&#8217;ll need to configure the helm chart with appropriate <strong>values<\/strong>, please see <a href=\"https:\/\/github.com\/godaddy\/kubernetes-external-secrets\/tree\/master\/charts\/kubernetes-external-secrets\">helm chart docs<\/a>.<\/p>\n<p>We can check that the pod is running:<\/p>\n<pre>$ kubectl get pod external-secrets-598f9cb66f-m5xn5 -n kube-system\r\nNAME                               READY  STATUS   RESTARTS  AGE\r\nexternal-secrets-598f9cb66f-m5xn5  1\/1    Running  0         97d<\/pre>\n<h2>External secrets object creation<\/h2>\n<p>Now it&#8217;s time to create the ExternalSecret object:<\/p>\n<div class=\"wp-block-codemirror-blocks code-block \">\n<pre class=\"CodeMirror\" data-setting=\"{\">apiVersion: 'kubernetes-client.io\/v1'\r\nkind: ExternalSecret\r\nmetadata:\r\n  name: db-app-credentials\r\n  namespace: your_namespace\r\nspec:\r\n  backendType: secretsManager\r\n  # optional: specify role to assume when retrieving the data\r\n  roleArn: arn:aws:iam::123456789012:role\/secrets-readonly-example\r\n  data:\r\n    - key: DB-\r\n      name: user\r\n    - key: DB-\r\n      name: password\r\n<\/pre>\n<\/div>\n<p>Because we are running k8s in EKS, please note that we used a roleArn that allows access to AWS Secrets Manager. You can do it also granting access to your EKS worker nodes defining and configuring a node instance role.<\/p>\n<p>Moreover, if your k8s cluster runs <strong>outside<\/strong> AWS, GCP or Azure you can pass the credentials as environment variables when you deploy the helm chart (please, take a look at the values.yaml file options).<\/p>\n<p>Once we&#8217;ve created the ExternalSecret object, after a few seconds, a k8s secret will be created in the specified namespace:<\/p>\n<pre>$ kubectl get secret db-app-credentials -n your_namespace\u00a0\r\nNAME\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0   TYPE\u00a0 \u00a0 DATA\u00a0 \u00a0 \u00a0AGE\r\ndb-app-credentials              Opaque\u00a0 2\u00a0 \u00a0 \u00a0 \u00a0 23m\r\n<\/pre>\n<p><span style=\"font-family: Georgia, 'Times New Roman', 'Bitstream Charter', Times, serif;\">And the content of the secret will be similar to this:<\/span><\/p>\n<pre>$ kubectl get secret db-app-credentials-n your_namespace -o yaml\r\napiVersion: v1\r\ndata:\r\n  password: sgdhfh7w98JHGFsq1shdgA==\r\n  user: bXlhcHB1c2VyCg==\r\nkind: Secret\r\nmetadata:\r\n  creationTimestamp: \"2020-03-30T10:26:34Z\"\r\n  name: db-app-credentials\r\n  namespace: your_namespace\r\n  ownerReferences:\r\n  - apiVersion: kubernetes-client.io\/v1\r\n    controller: true\r\n    kind: ExternalSecret\r\n    name: db-app-credentials\r\n    uid: 8a69iac3-2007-11ea-ae84-0awqa0e278d8\r\n  resourceVersion: \"14684195\"\r\n  selfLink: \/api\/v1\/namespaces\/your_namespace\/secrets\/db-app-credentials\r\n  uid: aeha168b-2007-11ea-ae84-0a0ath7278d8\r\ntype: Opaque<\/pre>\n<p>Now, every time you update your secret in the backend, your secret in <a href=\"https:\/\/geko.cloud\/en\/what-is-kubernetes\/\">k8s<\/a> cluster will also be updated.<\/p>\n<h2>Final notes<\/h2>\n<p>You can configure the poll interval (how often external secrets will ask to backend for changes or new secrets). Please, take into account that many cloud providers charge for secret access or api calls. \ud83d\ude09<\/p>\n<p>It&#8217;s important to know that <a href=\"https:\/\/geko.cloud\/en\/what-is-kubernetes\/\">Kubernetes<\/a> external secrets only makes\u00a0<strong>upserts<\/strong>. It will not delete any secret in your <a href=\"https:\/\/geko.cloud\/en\/what-is-kubernetes\/\">k8s<\/a> cluster in case of failure or backend access\/synchronization problems.<\/p>\n<p>That&#8217;s it!! \ud83d\ude42 For more info you can visit the <a href=\"https:\/\/github.com\/godaddy\/kubernetes-external-secrets\">external secrets github repo<\/a>.<\/p>\n<p>&nbsp;<\/p>\n<hr \/>\n<p>I hope you&#8217;ve enjoyed this post and I encourage you to <a href=\"https:\/\/geko.cloud\/en\/blog\/\">check our blog for other posts<\/a> that you might find helpful. <a href=\"https:\/\/geko.cloud\/en\/contact\/\">Do not hesitate to contact us<\/a> if you would like us to help you on your projects.<\/p>\n<p>See you on the next post!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this post we will talk about Kubernetes external secrets. It&#8217;s a project developed by the GoDaddy Engeneering Team that allows to use external secrets management systems to securely add secrets to your Kubernetes cluster. At the time of writing, it supports the following backends: AWS Secrets Manager AWS System Manager GCP Secret Manager Azure [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":2314,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[67],"tags":[90],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Kubernetes external secrets<\/title>\n<meta name=\"description\" content=\"How to link your kubernetes secrets with most popular secrets management systems in AWS, GCP, Azure or Hashicorp Vault\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Kubernetes external secrets\" \/>\n<meta property=\"og:description\" content=\"How to link your kubernetes secrets with most popular secrets management systems in AWS, GCP, Azure or Hashicorp Vault\" \/>\n<meta property=\"og:url\" content=\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/\" \/>\n<meta property=\"og:site_name\" content=\"Geko Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2020-03-30T12:03:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-11-07T21:09:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/geko.cloud\/wp-content\/uploads\/post.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"768\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Jose Luis S\u00e1nchez\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@geko_cloud\" \/>\n<meta name=\"twitter:site\" content=\"@geko_cloud\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/\"},\"author\":{\"name\":\"Jose Luis S\u00e1nchez\",\"@id\":\"https:\/\/geko.cloud\/es\/#\/schema\/person\/d06aff498ebfbc75b5010ebe92af41ed\"},\"headline\":\"Kubernetes external secrets\",\"datePublished\":\"2020-03-30T12:03:54+00:00\",\"dateModified\":\"2021-11-07T21:09:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/\"},\"wordCount\":651,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/geko.cloud\/es\/#organization\"},\"image\":{\"@id\":\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/geko.cloud\/wp-content\/uploads\/post.png\",\"keywords\":[\"Kubernetes\"],\"articleSection\":[\"Labs\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/\",\"url\":\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/\",\"name\":\"Kubernetes external secrets\",\"isPartOf\":{\"@id\":\"https:\/\/geko.cloud\/es\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/geko.cloud\/wp-content\/uploads\/post.png\",\"datePublished\":\"2020-03-30T12:03:54+00:00\",\"dateModified\":\"2021-11-07T21:09:51+00:00\",\"description\":\"How to link your kubernetes secrets with most popular secrets management systems in AWS, GCP, Azure or Hashicorp Vault\",\"breadcrumb\":{\"@id\":\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#primaryimage\",\"url\":\"https:\/\/geko.cloud\/wp-content\/uploads\/post.png\",\"contentUrl\":\"https:\/\/geko.cloud\/wp-content\/uploads\/post.png\",\"width\":1024,\"height\":768,\"caption\":\"AWS Vault Google Azure logo\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"https:\/\/geko.cloud\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Kubernetes external secrets\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/geko.cloud\/es\/#website\",\"url\":\"https:\/\/geko.cloud\/es\/\",\"name\":\"Geko Cloud\",\"description\":\"Servicios de consultor\u00eda cloud y devops\",\"publisher\":{\"@id\":\"https:\/\/geko.cloud\/es\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/geko.cloud\/es\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/geko.cloud\/es\/#organization\",\"name\":\"Geko Cloud\",\"url\":\"https:\/\/geko.cloud\/es\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/geko.cloud\/es\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/geko.cloud\/wp-content\/uploads\/2021\/10\/geko_logo-positivo.png\",\"contentUrl\":\"https:\/\/geko.cloud\/wp-content\/uploads\/2021\/10\/geko_logo-positivo.png\",\"width\":1650,\"height\":809,\"caption\":\"Geko Cloud\"},\"image\":{\"@id\":\"https:\/\/geko.cloud\/es\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/geko_cloud\",\"https:\/\/www.instagram.com\/gekocloud\/\",\"https:\/\/www.linkedin.com\/company\/gekocloud\",\"https:\/\/www.youtube.com\/channel\/UC5EFLCqUM7fEaXSa_0nWowQ\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/geko.cloud\/es\/#\/schema\/person\/d06aff498ebfbc75b5010ebe92af41ed\",\"name\":\"Jose Luis S\u00e1nchez\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/geko.cloud\/es\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ebfd055d4dba456220c682523fcc237c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ebfd055d4dba456220c682523fcc237c?s=96&d=mm&r=g\",\"caption\":\"Jose Luis S\u00e1nchez\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Kubernetes external secrets","description":"How to link your kubernetes secrets with most popular secrets management systems in AWS, GCP, Azure or Hashicorp Vault","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/","og_locale":"en_US","og_type":"article","og_title":"Kubernetes external secrets","og_description":"How to link your kubernetes secrets with most popular secrets management systems in AWS, GCP, Azure or Hashicorp Vault","og_url":"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/","og_site_name":"Geko Cloud","article_published_time":"2020-03-30T12:03:54+00:00","article_modified_time":"2021-11-07T21:09:51+00:00","og_image":[{"width":1024,"height":768,"url":"https:\/\/geko.cloud\/wp-content\/uploads\/post.png","type":"image\/png"}],"author":"Jose Luis S\u00e1nchez","twitter_card":"summary_large_image","twitter_creator":"@geko_cloud","twitter_site":"@geko_cloud","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#article","isPartOf":{"@id":"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/"},"author":{"name":"Jose Luis S\u00e1nchez","@id":"https:\/\/geko.cloud\/es\/#\/schema\/person\/d06aff498ebfbc75b5010ebe92af41ed"},"headline":"Kubernetes external secrets","datePublished":"2020-03-30T12:03:54+00:00","dateModified":"2021-11-07T21:09:51+00:00","mainEntityOfPage":{"@id":"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/"},"wordCount":651,"commentCount":0,"publisher":{"@id":"https:\/\/geko.cloud\/es\/#organization"},"image":{"@id":"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#primaryimage"},"thumbnailUrl":"https:\/\/geko.cloud\/wp-content\/uploads\/post.png","keywords":["Kubernetes"],"articleSection":["Labs"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/","url":"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/","name":"Kubernetes external secrets","isPartOf":{"@id":"https:\/\/geko.cloud\/es\/#website"},"primaryImageOfPage":{"@id":"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#primaryimage"},"image":{"@id":"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#primaryimage"},"thumbnailUrl":"https:\/\/geko.cloud\/wp-content\/uploads\/post.png","datePublished":"2020-03-30T12:03:54+00:00","dateModified":"2021-11-07T21:09:51+00:00","description":"How to link your kubernetes secrets with most popular secrets management systems in AWS, GCP, Azure or Hashicorp Vault","breadcrumb":{"@id":"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#primaryimage","url":"https:\/\/geko.cloud\/wp-content\/uploads\/post.png","contentUrl":"https:\/\/geko.cloud\/wp-content\/uploads\/post.png","width":1024,"height":768,"caption":"AWS Vault Google Azure logo"},{"@type":"BreadcrumbList","@id":"https:\/\/geko.cloud\/es\/secretos-externos-kubernetes\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"https:\/\/geko.cloud\/en\/"},{"@type":"ListItem","position":2,"name":"Kubernetes external secrets"}]},{"@type":"WebSite","@id":"https:\/\/geko.cloud\/es\/#website","url":"https:\/\/geko.cloud\/es\/","name":"Geko Cloud","description":"Servicios de consultor\u00eda cloud y devops","publisher":{"@id":"https:\/\/geko.cloud\/es\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/geko.cloud\/es\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/geko.cloud\/es\/#organization","name":"Geko Cloud","url":"https:\/\/geko.cloud\/es\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/geko.cloud\/es\/#\/schema\/logo\/image\/","url":"https:\/\/geko.cloud\/wp-content\/uploads\/2021\/10\/geko_logo-positivo.png","contentUrl":"https:\/\/geko.cloud\/wp-content\/uploads\/2021\/10\/geko_logo-positivo.png","width":1650,"height":809,"caption":"Geko Cloud"},"image":{"@id":"https:\/\/geko.cloud\/es\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/geko_cloud","https:\/\/www.instagram.com\/gekocloud\/","https:\/\/www.linkedin.com\/company\/gekocloud","https:\/\/www.youtube.com\/channel\/UC5EFLCqUM7fEaXSa_0nWowQ"]},{"@type":"Person","@id":"https:\/\/geko.cloud\/es\/#\/schema\/person\/d06aff498ebfbc75b5010ebe92af41ed","name":"Jose Luis S\u00e1nchez","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/geko.cloud\/es\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/ebfd055d4dba456220c682523fcc237c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ebfd055d4dba456220c682523fcc237c?s=96&d=mm&r=g","caption":"Jose Luis S\u00e1nchez"}}]}},"_links":{"self":[{"href":"https:\/\/geko.cloud\/en\/wp-json\/wp\/v2\/posts\/2654"}],"collection":[{"href":"https:\/\/geko.cloud\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/geko.cloud\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/geko.cloud\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/geko.cloud\/en\/wp-json\/wp\/v2\/comments?post=2654"}],"version-history":[{"count":3,"href":"https:\/\/geko.cloud\/en\/wp-json\/wp\/v2\/posts\/2654\/revisions"}],"predecessor-version":[{"id":5385,"href":"https:\/\/geko.cloud\/en\/wp-json\/wp\/v2\/posts\/2654\/revisions\/5385"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/geko.cloud\/en\/wp-json\/wp\/v2\/media\/2314"}],"wp:attachment":[{"href":"https:\/\/geko.cloud\/en\/wp-json\/wp\/v2\/media?parent=2654"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/geko.cloud\/en\/wp-json\/wp\/v2\/categories?post=2654"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/geko.cloud\/en\/wp-json\/wp\/v2\/tags?post=2654"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}