2.8 KiB
External Secrets
The External Secrets Kubernetes operator reads information from a third party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets.
Multiple people and organizations are joining efforts to create a single External Secrets solution based on existing projects. If you are curious about the origins of this project, check out this issue and this PR.
⚠️ Please bear in mind
While this project is not ready, you might consider using the following:
Installation
Clone this repository:
git clone https://github.com/external-secrets/external-secrets.git
Install the Custom Resource Definitions:
make install
Run the controller against the active Kubernetes cluster context:
make run
Apply the sample resources:
kubectl apply -f config/samples/external-secrets_v1alpha1_secretstore.yaml
kubectl apply -f config/samples/external-secrets_v1alpha1_externalsecret.yaml
If you want to use helm:
helm repo add external-secrets https://charts.external-secrets.io
helm install RELEASE_NAME external-secrets/external-secrets
We will add more documentation once we have the implementation for the different providers. You can find some here: https://external-secrets.io
Features
- Support to multiple Provider stores (AWS Secret Manager, GCP Secret Manger, Vault and more) simultaneously.
- Multiple External Secrets operator instances for different contexts/environments.
- A custom refresh interval to sync the data from the Providers, syncing your Kubernetes Secrets up to date.
- Select specific versions of the Provider data.
- Advanced templating
Contributing
We welcome and encourage contributions to this project! Please read the Developer and Contribution process guides. Also make sure to check the Code of Conduct and adhere to its guidelines.
Kicked off by
