Kubernetes when to use secrets instead of configmap?

Question

What are the differences between secrets and configmap in term of security?

In which cases would I want to use secret instead of configmap?

Answer 1

Secrets are stored encoded and over time will become more protected (e.g. limited access, encrypted at rest, etc). Secrets existed before ConfigMap was created, so until recently it was common to store configuration data in secrets (e.g. conf2kube).

You should use secrets for sensitive data (database passwords, private keys) and ConfigMaps for non-sensitive configuration data.