secrets-store-integration
Custom Resources

The secrets-store-integration module: Custom Resources

SecretsStoreImport

Scope: Namespaced
Version: v1alpha1

Namespaced Kubernetes Custom resource for mapping between Vault-compatible storage and filename in container

spec

object
- spec.address
  
  string
  Address of Vault-compatible storage. If omitted value from ModuleConfig will be used.
  
  Pattern: ^https?://[.:0-9a-zA-Z-]+$
- spec.audience
  
  string
  JWT audience
- spec.authPath
  
  string
  Auth mount path in Vault-compatible storage. If omitted value from ModuleConfig will be used.
  
  Pattern: ^[-_.a-zA-Z0-9]+$
- spec.caCert
  
  string
  Stronghold or Vault CA in PEM format. If omitted value from ModuleConfig will be used.
  
  Pattern: ^-----BEGIN CERTIFICATE----- (.+ ){5}
- spec.files
  
  array of objects
  Required value
  - spec.files.name
    
    string
    Filename to create
    
    Pattern: ^[-_a-zA-Z0-9.]+$
  - spec.files.source
    
    object
    - spec.files.source.key
      
      string
      Required value
      
      Vault secretKey
      
      Pattern: ^[-a-zA-Z0-9_.]+$
    - spec.files.source.path
      
      string
      Required value
      
      Vault secretPath
      
      Pattern: ^[-a-zA-Z0-9_.\/]+$
- spec.namespace
  
  string
  Namespace where secret is stored. If omitted value from ModuleConfig will be used.
  
  Pattern: ^[-_./a-zA-Z0-9]+$
- spec.role
  
  string
  Required value
  
  Role in Vault-compatible storage
  
  Pattern: ^[-_\.a-zA-Z0-9]+$
- spec.skipTLSVerify
  
  boolean
  Skip TLS verification
- spec.type
  
  string
  Required value
  
  Only mode CSI supported
  
  Allowed values: CSI

Was the page useful?

Thanks for the review!

Your response is being processed, and changes can be made in 5 minutes.

An error has occurred

Please try again later

Tell us what you didn’t like.

Little useful There are errors It’s written incomprehensibly Outdated information Other