 A Kubernetes secret is a resource in which you can store sensitive data. Like a password, an OAuth token, an SSH key. Your pod can access this secret, but be careful by default your secret will be unencrypted and anyone who has access to the API can access it and retrieve it as plain text. How do you create a secret? Using the kubectl command, you can simply say kubectl create secret, generic, the name mysecret, from literal, and here I can directly pass what I want to put into my secret. I have my user, that will be as value, my username, and from literal, password, my password. There we go, and that will create my secret. I can check that my secret is there, I can do kubectl get secrets, and there we will see a whole series of other secrets that has been curated by the system itself, and here you can see my secret. I can also describe my secret, kubectl describe my secret, okay, and there we will see some info, by default it's OPEC, but as I told you, if you have access to the YAML file, you can get the content, just by doing this for instance, get secret output as YAML, you can see here the values of my password, and it's just base 64, so I can simply just decode it, and that will give me the value, so be careful. Secrets are accessed by your pod as volumes, okay, and let's see how that works. Let's apply a deployment that accesses the secret that I've just created. If I take a look at this file, we can see that I mount volume here, my secret secret stuff, and finally here in volume, I can specify that my volume is a secret of the name my secret, and this is how from my pod I can access like any other volume to my secret, that's all, thank you. Thanks for watching, don't forget to like this video and to subscribe to the channel.