mirror of
https://github.com/external-secrets/external-secrets.git
synced 2024-12-14 11:57:59 +00:00
fc7281a39b
Also, some generators's examples didn't have the `.metadata.name` property. Signed-off-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com>
34 lines
No EOL
961 B
YAML
34 lines
No EOL
961 B
YAML
apiVersion: generators.external-secrets.io/v1alpha1
|
|
kind: ECRAuthorizationToken
|
|
metadata:
|
|
name: ecr-gen
|
|
spec:
|
|
|
|
# specify aws region (mandatory)
|
|
region: eu-west-1
|
|
|
|
# assume role with the given authentication credentials
|
|
role: "my-role"
|
|
|
|
# choose an authentication strategy
|
|
# if no auth strategy is defined it falls back to using
|
|
# credentials from the environment of the controller.
|
|
auth:
|
|
|
|
# 1: static credentials
|
|
# point to a secret that contains static credentials
|
|
# like AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY
|
|
secretRef:
|
|
accessKeyIDSecretRef:
|
|
name: "my-aws-creds"
|
|
key: "key-id"
|
|
secretAccessKeySecretRef:
|
|
name: "my-aws-creds"
|
|
key: "access-secret"
|
|
|
|
# option 2: IAM Roles for Service Accounts
|
|
# point to a service account that should be used
|
|
# that is configured for IAM Roles for Service Accounts (IRSA)
|
|
jwt:
|
|
serviceAccountRef:
|
|
name: "oci-token-sync" |