apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: example-external-secret
spec:
  refreshInterval: 1h
  secretStoreRef:
    kind: SecretStore
    name: example-secret-store

  target:
    name: secret-to-be-created
    creationPolicy: Owner

  data:
  # name of the SECRET in the Azure KV (no prefix is by default a SECRET)
  - secretKey: dev-secret-test
    remoteRef:
      key: dev-secret-test

  # explicit type and name of secret in the Azure KV
  - secretKey: dev-another-secret-test
    remoteRef:
      key: secret/dev-secret-test

  # type/name of certificate in the Azure KV
  # raw value will be returned, use templating features for data processing
  - secretKey: dev-cert-test
    remoteRef:
      key: cert/dev-cert-test

  # type/name of the public key in the Azure KV
  # the key is returned PEM encoded
  - secretKey: dev-key-test
    remoteRef:
      key: key/dev-key-test