1. Intro
2. Background: K8s Secrets
3. Motivation: K8s Secrets Protection
4. Confidential Computing
5. TEE-based KMS Plugin
6. TEE-based KMS Provider
7. TEE-based Kubectl
8. TEE-based Secrets Protection (cont.)
9. KMS Plugin (cont.)
10. KMS Plugin as a Service
11. One binary: TEE Transparency
12. Occlum: SGX Dev Made Easy
13. Occlum: Major Features
14. Occlum: Container-Inspired Interface
15. Demo
16. Summary & Next Steps
Description:
Explore an innovative approach to enhancing Kubernetes secrets protection in this conference talk. Learn about the implementation of Trusted Execution Environment (TEE) and enhanced authentication to create an end-to-end secret hardening solution for Kubernetes clusters. Discover how to guard secrets while in use, at rest, and in transit by making changes to kubectl, Kubernetes master, and node components. Gain insights into TEE transparency for developers and users, and witness a practical demonstration. Understand the real-world application of this technology at Alibaba and learn about the proposed Kubernetes Enhancement Proposal (KEP) for the community. Delve into topics such as confidential computing, TEE-based KMS plugins and providers, and the Occlum framework for simplified SGX development.

Putting an Invisible Shield on Kubernetes Secrets

CNCF [Cloud Native Computing Foundation]