top of page
Search

Exploring Kubernetes Secrets and ConfigMaps with kubectl

  • Writer: Rajamohan Rajendran
    Rajamohan Rajendran
  • Jun 4
  • 2 min read

In a Kubernetes environment, managing application configuration securely and efficiently is crucial. Kubernetes provides two native resources to handle this:


  • Secrets: Used to store sensitive information like passwords, tokens, or certificates.

  • ConfigMaps: Used for non-sensitive configuration such as environment variables, config files, or command-line arguments.



This blog walks you through using the kubectl command-line tool to explore both Secrets and ConfigMaps.


Listing Secrets and ConfigMaps

✅ List All Secrets


To view all Secrets in a particular namespace:


kubectl get secrets -n <namespace>


This lists the secret names, their types, and creation timestamps.


✅ List All ConfigMaps


Similarly, to list all ConfigMaps in a namespace:


kubectl get configmaps -n <namespace>


Viewing Detailed Information

Describe a Secret


To get detailed metadata and key names in a Secret:


kubectl describe secret <secret-name> -n <namespace>


However, this does not show the actual values (they are base64-encoded).



Describe a ConfigMap


For a ConfigMap:


kubectl describe configmap <configmap-name> -n <namespace>



This will show all key-value pairs stored inside the ConfigMap.


Viewing Actual Data


Decode Secret Values


Secrets are encoded in base64 for safe transport. To see actual values:


kubectl get secret <secret-name> -n <namespace> -o jsonpath="{.data.<key>}" | base64 --decode


If you want to decode all keys in the secret:


kubectl get secret db-secret -o json | jq -r '.data | map_values(@base64d)'


Viewing ConfigMaps as YAML

To inspect a ConfigMap in full YAML form:


kubectl get configmap <configmap-name> -n <namespace> -o yaml


This is especially useful when you want to back up or replicate the config elsewhere.


Security Note

• Secrets are only base64-encoded, not encrypted by default.

• Use tools like Sealed Secrets or integrate with cloud KMS solutions for stronger protection.

• Always limit RBAC access to secrets.


Final Thoughts

Understanding how to view and manage Secrets and ConfigMaps using kubectl is essential for secure and scalable Kubernetes operations. These commands help you audit configurations, troubleshoot deployments, and maintain a clear view of your environment.

Recent Posts

See All

Comments

bottom of page