K3S-HOME/security
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FEAT(vault): add clustersecretstore

Browse Source 
- for vault-backend
- Create cluster-wide secret store for External Secrets Operator
- Configure Kubernetes auth with external-secrets service account
- Enable all namespaces to access Vault secrets via ClusterSecretStore
This commit is contained in:
Mayne0213
2025-12-17 16:25:49 +09:00
parent 05a5de7c0f
commit fa24f224ee
2 changed files with 23 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
vault/kustomization.yaml
View File

@@ -4,4 +4,9 @@ kind: Kustomization
resources:
# ArgoCD Application 리소스는 infrastructure/kustomization.yaml에서 관리
# - argocd/vault.yaml
# - argocd/vault-secrets.yaml
# - argocd/vault-secrets.yaml
# External Secrets integration
# ServiceAccount is managed by external-secrets Helm chart
- cluster-secret-store.yaml
# vault-config-job.yaml은 삭제됨 (민감한 정보 포함으로 인해 .md 파일로 대체)