Sealed Secrets
A Kubernetes controller and tool for one-way encrypted Secrets.
Overview
Sealed Secrets lets you encrypt your Secrets into a SealedSecret, which is safe to store, even inside a public repository. The SealedSecret can be decrypted only by the controller running in the target cluster; nobody else (not even the original author) is able to obtain the original Secret from the SealedSecret.
✨ Key Features
- One-way encryption of Kubernetes Secrets
- Safely store secrets in Git repositories
- Decryption only by the controller in the cluster
- GitOps-friendly workflow
🎯 Key Differentiators
- Simple and focused on one-way encryption of Kubernetes Secrets
- Easy to set up and use
- Strongly aligned with the GitOps philosophy
Unique Value: Provides a simple and secure way to manage Kubernetes Secrets in a GitOps workflow by allowing encrypted secrets to be stored in Git.
🎯 Use Cases
✅ Best For
- Simple and effective one-way encryption of Kubernetes Secrets for GitOps.
💡 Check With Vendor
Verify these considerations match your specific requirements:
- Organizations that require advanced secret management features like dynamic secrets, leasing, and rotation.
🏆 Alternatives
Offers a much simpler and more focused solution for Kubernetes secret management in GitOps compared to the more complex and feature-rich HashiCorp Vault.
💰 Pricing
Free tier: Open source and free to use.
📊 Market Info
Customers: NA
🔄 Similar Tools in GitOps Security
Snyk
A developer-first security platform for finding and fixing vulnerabilities in code, dependencies, co...
Checkov
An open-source static analysis tool for scanning infrastructure as code (IaC) to find misconfigurati...
Trivy
An open-source vulnerability scanner for containers, IaC, and more....
KICS
An open-source solution for static analysis of IaC, finding security vulnerabilities, compliance iss...
Terrascan
An open-source static code analyzer for Infrastructure as Code, scanning for security vulnerabilitie...
Open Policy Agent (OPA)
An open source, general-purpose policy engine that unifies policy enforcement across the stack....