external-secrets/docs/provider-google-secrets-manager.md at add9c819321b608aaa94a6d49b882b5ff5278186

mirrors/external-secrets

Fork 0

mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-15 17:51:01 +00:00

Gabi fe05c523d4 Add documentation for gcpsm

2021-05-27 11:43:34 +02:00

1.1 KiB

Raw Blame History

Google Cloud Secret Manager

External Secrets Operator integrates with GCP Secret Manager for secret management.

Authentication

At the moment, we only support service account key authentication.

Service account key authentication

A service account key is created and the JSON keyfile is stored in a Kind=Secret. The project_id and private_key should be configured for the project.

{% include 'gcpsm-credentials-secret.yaml' %}

Update secret store

Be sure the gcpsm provider is listed in the Kind=SecretStore

{% include 'gcpsm-secret-store.yaml' %}

Creating external secret

To create a kubernetes secret from the GCP Secret Manager secret a Kind=ExternalSecret is needed.

{% include 'gcpsm-external-secret.yaml' %}

The operator will fetch the GCP Secret Manager secret and inject it as a Kind=Secret

kubectl get secret secret-to-be-created -n <namespace> | -o jsonpath='{.data.example-externalsecret-key}' | base64 -d

1.1 KiB Raw Blame History