mirror of
https://github.com/external-secrets/external-secrets.git
synced 2024-12-14 11:57:59 +00:00
49 lines
No EOL
1.2 KiB
YAML
49 lines
No EOL
1.2 KiB
YAML
apiVersion: external-secrets.io/v1beta1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: example-external-secret
|
|
spec:
|
|
refreshInterval: 1h
|
|
secretStoreRef:
|
|
kind: SecretStore
|
|
name: example-secret-store
|
|
|
|
target:
|
|
name: secret-to-be-created
|
|
creationPolicy: Owner
|
|
|
|
data:
|
|
# name of the SECRET in the Azure KV (no prefix is by default a SECRET)
|
|
- secretKey: dev-secret-test
|
|
remoteRef:
|
|
key: dev-secret-test
|
|
|
|
# explicit type and name of secret in the Azure KV
|
|
- secretKey: dev-another-secret-test
|
|
remoteRef:
|
|
key: secret/dev-secret-test
|
|
|
|
# metadataPolicy to fetch all the tags in JSON format
|
|
- secretKey: dev-secret-test
|
|
remoteRef:
|
|
key: dev-secret-test
|
|
metadataPolicy: Fetch
|
|
|
|
# metadataPolicy to fetch a specific tag which name must be in property
|
|
- secretKey: dev-secret-test
|
|
remoteRef:
|
|
key: dev-secret-test
|
|
metadataPolicy: Fetch
|
|
property: tagname
|
|
|
|
# type/name of certificate in the Azure KV
|
|
# raw value will be returned, use templating features for data processing
|
|
- secretKey: dev-cert-test
|
|
remoteRef:
|
|
key: cert/dev-cert-test
|
|
|
|
# type/name of the public key in the Azure KV
|
|
# the key is returned PEM encoded
|
|
- secretKey: dev-key-test
|
|
remoteRef:
|
|
key: key/dev-key-test |