diff --git a/.infrastructure/confgiMap.yml b/.infrastructure/confgiMap.yml
new file mode 100644
index 0000000..9a79788
--- /dev/null
+++ b/.infrastructure/confgiMap.yml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: app-config
+  namespace: todoapp
+data:
+  PYTHONUNBUFFERED: "1"
+
diff --git a/.infrastructure/deployment.yml b/.infrastructure/deployment.yml
index 47f8efe..af5e9e5 100644
--- a/.infrastructure/deployment.yml
+++ b/.infrastructure/deployment.yml
@@ -29,7 +29,15 @@ spec:
             cpu: "150m"
         env:
         - name: PYTHONUNBUFFERED
-          value: "1"
+          valueFrom:
+            configMapKeyRef:
+              name: app-config
+              key: PYTHONUNBUFFERED
+        - name: SECRET_KEY
+          valueFrom:
+            secretKeyRef:
+              name: app-secret
+              key: SECRET_KEY
         ports:
         - containerPort: 8080
         livenessProbe:
diff --git a/.infrastructure/secret.yml b/.infrastructure/secret.yml
new file mode 100644
index 0000000..4487949
--- /dev/null
+++ b/.infrastructure/secret.yml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: app-secret
+  namespace: todoapp
+type: Opaque
+data:
+  SECRET_KEY: "TXlTdHJvbmdQYXNzd29yZA=="
diff --git a/README.md b/README.md
index f4c4dfe..84ff8c0 100644
--- a/README.md
+++ b/README.md
@@ -44,3 +44,23 @@ Create a kubernetes manifest for a pod which will containa ToDo app container:
 1. `README.md` should have commands to apply all the changes
 1. `README.md` should have instructuions on how to validate the changes
 1. Create PR with your changes and attach it for validation on a platform.
+
+### Commands to apply changes:
+```
+kubectl apply -f configMap.yml
+```
+```
+kubectl apply -f secret.yml
+```
+```
+kubectl apply -f deployment.yml
+```
+
+### Commands to validate changes:
+```
+kubectl get configmaps
+```
+```
+kubectl get secrets
+```
+
diff --git a/src/todolist/settings.py b/src/todolist/settings.py
index e00a954..7369204 100644
--- a/src/todolist/settings.py
+++ b/src/todolist/settings.py
@@ -18,7 +18,7 @@
 # See https://docs.djangoproject.com/en/1.7/howto/deployment/checklist/
 
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = "@e2(yx)v&tgh3_s=0yja-i!dpebxsz^dg47x)-k&kq_3zf*9e*"
+SECRET_KEY = os.getenv('SECRET_KEY', default="SECRET_KEY")
 
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True