mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity

Adds service account with Worload identity annotations

Browse source
This commit is contained in:
Docs 2022-06-22 15:14:37 -03:00
parent f4d6b7392a
commit 22601c520d
1 changed files with 13 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
terraform/azure/main.tf
View file

@ -54,8 +54,17 @@ resource "azurerm_role_assignment" "current" {
principal_id = module.test_sp.sp_id
}
resource "azurerm_key_vault_secret" "test" {
name = "secret-sauce"
value = "szechuan"
key_vault_id = module.test_key_vault.key_vault_id
resource "kubernetes_service_account" "current" {
metadata {
name = "external-secrets-operator"
namespace = "external-secrets-operator"
annotations = {
"azure.workload.identity/client-id" = module.test_sp.application_id
"azure.workload.identity/tenant-id" = data.azurerm_client_config.current.tenant_id
}
labels = {
"azure.workload.identity/use" = "true"
}
}
}