Load secrets into your pods at runtime when your pods are deployed and scaled. Keep secrets out of source files, CI/CD and build artifacts, and manage them centrally through 1Password.

Unlike the 1Password Kubernetes Operator, the Secrets Injector doesn't create a Kubernetes Secret when assigning secrets to your resource. It injects the secrets directly as environment variables into your pods, using a sidecar container attached through a mutating webhook.