|
|
@@ -2222,6 +2222,20 @@ management. Vault itself implements lots of different secret engines, as of now
|
|
|
<span class="w"> </span><span class="nt">remoteRef</span><span class="p">:</span><span class="w"></span>
|
|
|
<span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">foo</span><span class="w"></span>
|
|
|
<span class="w"> </span><span class="nt">property</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-value</span><span class="w"></span>
|
|
|
+
|
|
|
+<span class="w"> </span><span class="c1"># metadataPolicy to fetch all the labels in JSON format</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">secretKey</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">tags</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">remoteRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">metadataPolicy</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Fetch</span><span class="w"> </span>
|
|
|
+<span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">foo</span><span class="w"></span>
|
|
|
+
|
|
|
+<span class="w"> </span><span class="c1"># metadataPolicy to fetch a specific label (dev) from the source secret</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">secretKey</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">developer</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">remoteRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">metadataPolicy</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Fetch</span><span class="w"> </span>
|
|
|
+<span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">foo</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">property</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">dev</span><span class="w"></span>
|
|
|
+
|
|
|
<span class="nn">---</span><span class="w"></span>
|
|
|
<span class="c1"># will create a secret with:</span><span class="w"></span>
|
|
|
<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Secret</span><span class="w"></span>
|
|
|
@@ -2230,6 +2244,7 @@ management. Vault itself implements lots of different secret engines, as of now
|
|
|
<span class="nt">data</span><span class="p">:</span><span class="w"></span>
|
|
|
<span class="w"> </span><span class="nt">foobar</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">czNjcjN0</span><span class="w"></span>
|
|
|
</code></pre></div>
|
|
|
+<p>Keep in mind that fetching the labels with <code>metadataPolicy: Fetch</code> only works with KV sercrets engine version v2.</p>
|
|
|
<h4 id="fetching-raw-values">Fetching Raw Values</h4>
|
|
|
<p>You can fetch all key/value pairs for a given path If you leave the <code>remoteRef.property</code> empty. This returns the json-encoded secret value for that path.</p>
|
|
|
<div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets.io/v1beta1</span><span class="w"></span>
|
moolen