apiVersion: generators.external-secrets.io/v1alpha1 kind: VaultDynamicSecret metadata: {} spec: allowEmptyResponse: false controller: string method: string parameters: path: string provider: auth: appRole: path: "approle" roleId: string roleRef: key: string name: string namespace: string secretRef: key: string name: string namespace: string cert: clientCert: key: string name: string namespace: string secretRef: key: string name: string namespace: string iam: externalID: string jwt: serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string path: string region: string role: string secretRef: accessKeyIDSecretRef: key: string name: string namespace: string secretAccessKeySecretRef: key: string name: string namespace: string sessionTokenSecretRef: key: string name: string namespace: string vaultAwsIamServerID: string vaultRole: string jwt: kubernetesServiceAccountToken: audiences: [] # minItems 0 of type string expirationSeconds: 1 serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string path: "jwt" role: string secretRef: key: string name: string namespace: string kubernetes: mountPath: "kubernetes" role: string secretRef: key: string name: string namespace: string serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string ldap: path: "ldap" secretRef: key: string name: string namespace: string username: string namespace: string tokenSecretRef: key: string name: string namespace: string userPass: path: "userpass" secretRef: key: string name: string namespace: string username: string caBundle: c3RyaW5n caProvider: key: string name: string namespace: string type: "Secret" # "Secret", "ConfigMap" forwardInconsistent: true headers: {} namespace: string path: string readYourWrites: true server: string tls: certSecretRef: key: string name: string namespace: string keySecretRef: key: string name: string namespace: string version: "v2" resultType: "Data" retrySettings: maxRetries: 1 retryInterval: string