kubernetes-external-secrets allows you to use external secret management systems, like AWS Secrets Manager, to securely add Secrets in Kubernetes, so Pods can access Secrets normally.
Amazon Elastic Kubernetes Service (Amazon EKS) is a managed Kubernetes as a Service on AWS. IMAO, Google Cloud's GKE is still the best choice for managed Kubernetes service if you're not stuck in AWS.
To avoid the error "No 'Access-Control-Allow-Origin' header is present on the requested resource"
TLS actually uses both Asymmetric Encryption and Symmetric Encryption, so-called a hybrid cryptosystem. Simply speaking, TLS first uses an Asymmetric algorithm to exchange shared secrets between both sides, then generates a Symmetric key (the session key) from the shared secrets, finally uses the session key to encrypt application data (HTTP request/response).
Kubernetes is the de facto standard of container orchestration. Google Kubernetes Engine (GKE) is a managed Kubernetes as a Service provided by Google Cloud Platform.