Mayne0213
fa24f224ee
- for vault-backend - Create cluster-wide secret store for External Secrets Operator - Configure Kubernetes auth with external-secrets service account - Enable all namespaces to access Vault secrets via ClusterSecretStore
18 lines
420 B
YAML
18 lines
420 B
YAML
apiVersion: external-secrets.io/v1beta1
|
|
kind: ClusterSecretStore
|
|
metadata:
|
|
name: vault-backend
|
|
spec:
|
|
provider:
|
|
vault:
|
|
server: http://vault.vault.svc.cluster.local:8200
|
|
path: secret
|
|
version: v2
|
|
auth:
|
|
kubernetes:
|
|
mountPath: kubernetes
|
|
role: external-secrets
|
|
serviceAccountRef:
|
|
name: external-secrets
|
|
namespace: external-secrets
|