Просмотр исходного кода

docs(alibaba): add access key authentication (#2934)

Signed-off-by: Victor Santos <vsantos.py@gmail.com>
Victor Santos 2 лет назад
Родитель
Сommit
96233b759a
1 измененных файлов с 34 добавлено и 0 удалено
  1. 34 0
      docs/provider/alibaba.md

+ 34 - 0
docs/provider/alibaba.md

@@ -9,6 +9,40 @@ We support Access key and RRSA authentication.
 
 
 To use RRSA authentication, you should follow [Use RRSA to authorize pods to access different cloud services](https://www.alibabacloud.com/help/en/container-service-for-kubernetes/latest/use-rrsa-to-enforce-access-control/) to assign the RAM role to external-secrets operator.
 To use RRSA authentication, you should follow [Use RRSA to authorize pods to access different cloud services](https://www.alibabacloud.com/help/en/container-service-for-kubernetes/latest/use-rrsa-to-enforce-access-control/) to assign the RAM role to external-secrets operator.
 
 
+#### Access Key authentication
+
+To use `accessKeyID` and `accessKeySecrets`, simply create them as a regular `Kind: Secret` beforehand and associate it with the `SecretStore`:
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: secret-sample
+data:
+  accessKeyID: bXlhd2Vzb21lYWNjZXNza2V5aWQ=
+  accessKeySecret: bXlhd2Vzb21lYWNjZXNza2V5c2VjcmV0
+```
+
+```yaml
+apiVersion: external-secrets.io/v1beta1
+kind: SecretStore
+metadata:
+  name: secretstore-sample
+spec:
+  provider:
+    alibaba:
+      regionID: ap-southeast-1
+      auth:
+        secretRef:
+          accessKeyIDSecretRef:
+            name: secret-sample
+            key: accessKeyID
+          accessKeySecretSecretRef:
+            name: secret-sample
+            key: accessKeySecret
+```
+
+
 #### RRSA authentication
 #### RRSA authentication
 
 
 When using RRSA authentication we manually project the OIDC token file to pod as volume
 When using RRSA authentication we manually project the OIDC token file to pod as volume