By default, Kubernetes does not hide the secrets while encrypting, managing, and sharing secrets across a Kubernetes cluster, if the secrets are decoded with Base64. Therefore, Access Manager Secrets could be visible.
You can protect the Access Manager Secrets by performing one or all of the following options:
Encrypt secret data at rest. For more information, see Encrypting Secret Data at Rest.
Enable SSL for etcd communication. For more information, see PKI certificates.
Add authorization policies. For more information, see Authorization Overview.