Chapter 4 introduced HashiCorp Vault as a KMS that could be used to encrypt secrets and other resources stored in etcd (the key/value datastore for Kubernetes), so that these values could not be readily accessed while stored at rest.
This chapter focuses on the importance of using a secrets management tool, like HashiCorp Vault, to securely store and manage sensitive assets for applications deployed to Kubernetes. It also demonstrates how both applications and Vault can be configured to integrate seamlessly with one another. By using a tool like Vault, application teams can offload some of the responsibilities involved in managing sensitive resources to a purpose-built tool, while still being able to integrate it with their applications.