The nuances of cloud-native architecture necessitate some new approaches to security. Not only are container-based microservices inherently distributed, but there is a rising number of dependencies within the software supply chain. As a result, developers are faced with storing and accessing many types of secrets, including API keys, encryption keys, JSON Web Tokens (JWTs) and others when building cloud-native applications based on containers and running on platforms like Kubernetes. But, leaving such secrets exposed within your codebase goes against security best practices, as an attacker could easily access them.
