mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity

Update IBM Cloud provider docs (#1614)

Browse source 
* update images and some wording

* fix image filename

* Update ibm-secrets-manager.md

Signed-off-by: Idan Adar <iadar@il.ibm.com>

Signed-off-by: Idan Adar <iadar@il.ibm.com>
This commit is contained in:
Idan Adar 2022-10-08 23:21:35 +03:00 committed by GitHub
parent a293b149c1
commit aeb5049540
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 13 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

BIN
docs/pictures/screenshot_api_keys_create.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 38 KiB

After

Width:  |  Height:  |  Size: 926 KiB

BIN
docs/pictures/screenshot_api_keys_create_successful.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 50 KiB

After

Width:  |  Height:  |  Size: 951 KiB

BIN
docs/pictures/screenshot_api_keys_iam.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 79 KiB

After

Width:  |  Height:  |  Size: 1.2 MiB

BIN
docs/pictures/screenshot_api_keys_iam_left.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 57 KiB

After

Width:  |  Height:  |  Size: 940 KiB

BIN
docs/pictures/screenshot_container_auth_create_1.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 37 KiB

After

Width:  |  Height:  |  Size: 802 KiB

BIN
docs/pictures/screenshot_container_auth_create_2.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 115 KiB

After

Width:  |  Height:  |  Size: 1,016 KiB

BIN
docs/pictures/screenshot_container_auth_create_3.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 83 KiB

After

Width:  |  Height:  |  Size: 929 KiB

BIN
docs/pictures/screenshot_container_auth_create_group.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 56 KiB

After

Width:  |  Height:  |  Size: 875 KiB

BIN
docs/pictures/screenshot_container_auth_create_group_1.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 28 KiB

After

Width:  |  Height:  |  Size: 872 KiB

BIN
docs/pictures/screenshot_container_auth_create_group_2.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 39 KiB

After

Width:  |  Height:  |  Size: 896 KiB

BIN
docs/pictures/screenshot_container_auth_create_group_3.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 48 KiB

After

Width:  |  Height:  |  Size: 1,007 KiB

BIN
docs/pictures/screenshot_container_auth_create_group_4.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 117 KiB

After

Width:  |  Height:  |  Size: 895 KiB

BIN
docs/pictures/screenshot_container_auth_create_group_5.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 979 KiB

BIN
docs/pictures/screenshot_container_auth_iam_left.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 66 KiB

After

Width:  |  Height:  |  Size: 906 KiB

BIN
docs/pictures/screenshot_service_url.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 61 KiB

After

Width:  |  Height:  |  Size: 810 KiB

32
docs/provider/ibm-secrets-manager.md
View file

@ -1,6 +1,6 @@
## IBM Cloud Secret Manager
External Secrets Operator integrates with [IBM Secret Manager](https://www.ibm.com/cloud/secrets-manager) for secret management.
External Secrets Operator integrates with [IBM Cloud Secret Manager](https://www.ibm.com/cloud/secrets-manager) for secret management.
### Authentication
@ -12,14 +12,10 @@ To generate your key (for test purposes we are going to generate from your user)
![iam](../pictures/screenshot_api_keys_iam.png)
On the left, click "IBM Cloud API Keys":
On the left, click "API Keys", then click on "Create"
![iam-left](../pictures/screenshot_api_keys_iam_left.png)
Press "Create an IBM Cloud API Key":
![iam-create-button](../pictures/screenshot_api_keys_create_button.png)
Pick a name and description for your key:
![iam-create-key](../pictures/screenshot_api_keys_create.png)
@ -48,7 +44,7 @@ Pick a name and description for your group:
![iam-left](../pictures/screenshot_container_auth_create_group_1.png)
Click on "Access Policies":
Click on "Access", and then on "Assign":
![iam-left](../pictures/screenshot_container_auth_create_group_2.png)
@ -56,21 +52,21 @@ Click on "Assign Access", select "IAM services", and pick "Secrets Manager" from
![iam-left](../pictures/screenshot_container_auth_create_group_3.png)
Scope to "All resources" or "Resources based on selected attributes", select "SecretsReader":
Scope to "All resources" or "Resources based on selected attributes":
![iam-left](../pictures/screenshot_container_auth_create_group_4.png)
Select the "SecretsReader" service access policy:
![iam-left](../pictures/screenshot_container_auth_create_group_5.png)
Click "Add" and "Assign" to save the access group.
Next, on the left, click "Trusted profiles":
![iam-left](../pictures/screenshot_container_auth_iam_left.png)
Press "Create":
![iam-create-button](../pictures/screenshot_container_auth_create_button.png)
Pick a name and description for your profile:
Press "Create" and pick a name and description for your profile:
![iam-create-key](../pictures/screenshot_container_auth_create_1.png)
@ -98,11 +94,10 @@ Be sure the `ibm` provider is listed in the `Kind=SecretStore`
```
**NOTE:** In case of a `ClusterSecretStore`, Be sure to provide `namespace` in `secretApiKeySecretRef` with the namespace where the secret resides.
**NOTE:** Only `secretApiKeySecretRef` or `containerAuth` should be specified, depending on authentication me
thod being used.
**NOTE:** Only `secretApiKeySecretRef` or `containerAuth` should be specified, depending on authentication method being used.
To find your `serviceURL`, under your Secrets Manager resource, go to "Endpoints" on the left.
To find your serviceURL, under your Secrets Manager resource, go to "Endpoints" on the left.
Note: Use the url without the `/api` suffix that is presented in the UI.
See here for a list of [publicly available endpoints](https://cloud.ibm.com/apidocs/secrets-manager#getting-started-endpoints).
![iam-create-success](../pictures/screenshot_service_url.png)
@ -140,7 +135,7 @@ The behavior for the different secret types is as following:
* `remoteRef` retrieves an apikey from secrets manager and sets it for specified `secretKey`
* `dataFrom` retrieves an apikey from secrets manager and sets it for the `apikey` Kubernetes secret key
#### imported_cert, public_cert and private_cert
#### imported_cert, public_cert, and private_cert
* `remoteRef` requires a `property` to be set for either `certificate`, `private_key` or `intermediate` to retrieve respective fields from the secrets manager secret and set in specified `secretKey`
* `dataFrom` retrieves all `certificate`, `private_key` and `intermediate` fields from the secrets manager secret and sets appropriate key:value pairs in the resulting Kubernetes secret
@ -193,7 +188,6 @@ data:
keyB: ... #valB
```
### Creating external secret
To create a kubernetes secret from the IBM Secrets Manager, a `Kind=ExternalSecret` is needed.