mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity
external-secrets/docs/api/generator/ecr.md
Sebastián Gómez fc7281a39b
Added examples for all the Generators in the docs. Fixes #2260 (#2261) 
Also, some generators's examples didn't have the `.metadata.name` property.

Signed-off-by: Sebastián Gómez <sebastiangomezcorrea@gmail.com>
2023-04-26 17:00:14 -03:00

1.5 KiB
Raw Blame History

ECRAuthorizationTokenSpec uses the GetAuthorizationToken API to retrieve an authorization token. The authorization token is valid for 12 hours. For more information, see registry authentication in the Amazon Elastic Container Registry User Guide.

Output Keys and Values

Key Description
username username for the docker login command.
password password for the docker login command.
proxy_endpoint The registry URL to use for this authorization token in a docker login command.
expires_at time when token expires in UNIX time (seconds since January 1, 1970 UTC).

Authentication

You can choose from three authentication mechanisms:

  • static credentials using spec.auth.secretRef
  • point to a IRSA Service Account with spec.auth.jwt
  • use credentials from the SDK default credentials chain from the controller environment

Example Manifest

{% include 'generator-ecr.yaml' %}

Example ExternalSecret that references the ECR generator:

{% include 'generator-ecr-example.yaml' %}