Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Merge pull request #557 from krrrr38/cluster-secret-store-irsa-setting-example

add ClusterSecretStore AWS IRSA example setting docs
paul-the-alien[bot] 4 years ago
parent
05a8f17396 afb2690fba
commit
3b9bbfd1f6
1 changed files with 8 additions and 2 deletions
Split View Show Diff Stats
  1. 8 2
      docs/snippets/full-cluster-secret-store.yaml

+ 8 - 2
docs/snippets/full-cluster-secret-store.yaml
View File 

@@ -22,9 +22,9 @@ spec:
 
       role: iam-role
 
       # AWS Region to be used for the provider
 
       region: eu-central-1
 
-      # Auth defines the information necessary to authenticate against AWS by
 
-      # getting the accessKeyID and secretAccessKey from an already created Kubernetes Secret
 
+      # Auth defines the information necessary to authenticate against AWS
 
       auth:
 
+        # Getting the accessKeyID and secretAccessKey from an already created Kubernetes Secret
 
         secretRef:
 
           accessKeyID:
 
             name: awssm-secret
 
@@ -32,6 +32,12 @@ spec:
 
           secretAccessKey:
 
             name: awssm-secret
 
             key: secret-access-key
 
+        # IAM roles for service accounts
 
+        # https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts-technical-overview.html
 
+        jwt:
 
+          serviceAccountRef:
 
+            name: my-serviceaccount
 
+            namespace: sa-namespace
 
 
     vault:
 
       server: "https://vault.acme.org"