Advantage of using volume secrets over usual volume mounting

I was wondering if there is any advantage of using secrets over standard file mounting in Kubernetes. I have to provide credentials, saved on the host machine to one of pods and just cannot understand what are the pros of using them.

Solution

The main idea of using secrets is to reduce exposure and make it more secure. It was specifically designed for this. As per documentation:

The data in the secrets is encoded (base64)
Secrets can only be referenced from the same namespace
A secret is only sent to a node if a pod on that node requires it. It is stored into a tmpfs and not written to disk. Once the pod that is using the secret is gone, kubelet will delete its local copy of the secret on that node.
You can set access rights (e.g 644)
If there are several secrets for several pods on the same node, one pod will not have access to the secrets of another pod, only the one that it asks for

How can I close over variables in kdb/Q?
When is the EACH operator extension necessary in K besides mod/rotate?
Handling single-character strings - in a function or in its caller? ssr()
Kdb+ data fomat when writing to a file
How to convert a symbol to a string in kdb+?
Sum of each two elements using vector functions
A dictionary with a single value and multiple keys
Table transformation, table as list of dicts
Accumulator gives different result then direct function applying
Reshape [cols;table]
FK field over IPC
Protected execution, 2 cases
Enums for tables
Converge (fixed point) syntax difference in q and k
.Q.trp and bt handling
NULLs in q and in k.h
Strange view declaration behaviour
How to build a parse-tree of projections?
Could not evaluate manually created equial ~ parse tree
Select distinct for all columns from keyed table
Parallel execution: blocking receive, deferred synchronous
Multiple variable assignment in q
Select a table from the inside of external select
Select when one of filter-column may not exists
What is the meaning of `s attribute on a table?
On parallel execution - which side reports about an error?
Validate if a keyed table have unique keys
Applying dictionary to dictionary
About xkey implementation
Parse tree built on values from vars