|
@@ -3994,18 +3994,18 @@
|
|
|
</tbody>
|
|
</tbody>
|
|
|
</table>
|
|
</table>
|
|
|
<h2 id="authentication">Authentication</h2>
|
|
<h2 id="authentication">Authentication</h2>
|
|
|
-<p>You can choose from three authentication mechanisms:</p>
|
|
|
|
|
|
|
+<p>You can choose from one authentication mechanisms:</p>
|
|
|
<ul>
|
|
<ul>
|
|
|
<li>static credentials using <code>spec.auth.secretRef</code></li>
|
|
<li>static credentials using <code>spec.auth.secretRef</code></li>
|
|
|
-<li>point to a IRSA Service Account with <code>spec.auth.jwt</code></li>
|
|
|
|
|
-<li>use credentials from the <a href="https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html#credentials-default">SDK default credentials chain</a> from the controller environment</li>
|
|
|
|
|
</ul>
|
|
</ul>
|
|
|
|
|
+<p><em>Note</em>: STSSessionToken uses GetSessionToken API. This API can <em>only</em> be used by long-term credentials such as an id + key.
|
|
|
|
|
+Therefore, it is only usable with a secretRef for authentication.</p>
|
|
|
<h2 id="request-parameters">Request Parameters</h2>
|
|
<h2 id="request-parameters">Request Parameters</h2>
|
|
|
-<p>Following request parameters can be provided:</p>
|
|
|
|
|
|
|
+<p>The following request parameters can be provided:</p>
|
|
|
<ul>
|
|
<ul>
|
|
|
<li>duration seconds -> can specify the TTL of the generated token</li>
|
|
<li>duration seconds -> can specify the TTL of the generated token</li>
|
|
|
<li>serial number -> define the serial number of the MFA device used by the user</li>
|
|
<li>serial number -> define the serial number of the MFA device used by the user</li>
|
|
|
-<li>token code -> possible code generated by the above referenced MFA device</li>
|
|
|
|
|
|
|
+<li>token code -> possible code generated by the above-referenced MFA device</li>
|
|
|
</ul>
|
|
</ul>
|
|
|
<h2 id="example-manifest">Example Manifest</h2>
|
|
<h2 id="example-manifest">Example Manifest</h2>
|
|
|
<div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">generators.external-secrets.io/v1alpha1</span>
|
|
<div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">generators.external-secrets.io/v1alpha1</span>
|