Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Tree: 3d3ce64411
Branches Tags
helm-externa...
/
docs
/
snippets
/
volcengine-secret-store.yaml

volcengine-secret-store.yaml 998 B
History Raw

1234567891011121314151617181920212223242526272829 
  1. apiVersion: external-secrets.io/v1
    2. 

  2. kind: SecretStore
    3. 

  3. metadata:
    4. 

  4.   name: volcengine-kms
    5. 

  5. spec:
    6. 

  6.   provider:
    7. 

  7.     volcengine:
    8. 

  8.       # Region (Required)
    9. 

  9.       region: "cn-beijing"
    10. 

  10.       
    11. 

  11.       # Authentication (Choose one)
    12. 

  12.       auth:
    13. 

  13.         # Method 1: IRSA (Recommended)
    14. 

  14.         # When the auth block is empty or does not contain secretRef, IRSA is enabled by default.
    15. 

  15.         # The Pod's ServiceAccount must be associated with an IAM Role via Annotation,
    16. 

  16.         # and the VOLCENGINE_ROLE_TRN and VOLCENGINE_OIDC_TOKEN_FILE environment variables must be injected into the ESO Pod.
    17. 

  17.         
    18. 

  18.         # Method 2: Static Credentials
    19. 

  19.         secretRef:
    20. 

  20.           accessKeyID:
    21. 

  21.             name: volcengine-creds
    22. 

  22.             key: accessKeyID
    23. 

  23.           secretAccessKey:
    24. 

  24.             name: volcengine-creds
    25. 

  25.             key: secretAccessKey
    26. 

  26.           # (Optional, provide the Secret reference for the STS token if you are using one)
    27. 

  27.           token:
    28. 

  28.             name: volcengine-creds
    29. 

  29.             key: sts-token
    30.