Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Tree: a051da82cf
Branches Tags
helm-externa...
/
docs
/
snippets
/
generator-ecr.yaml

generator-ecr.yaml 935 B
History Raw

1234567891011121314151617181920212223242526272829303132 
  1. apiVersion: generators.external-secrets.io/v1alpha1
    2. 

  2. kind: ECRAuthorizationToken
    3. 

  3. spec:
    4. 

  4. 

  5.   # specify aws region (mandatory)
    6. 

  6.   region: eu-west-1
    7. 

  7. 

  8.   # assume role with the given authentication credentials
    9. 

  9.   role: "my-role"
    10. 

  10. 

  11.   # choose an authentication strategy
    12. 

  12.   # if no auth strategy is defined it falls back to using
    13. 

  13.   # credentials from the environment of the controller.
    14. 

  14.   auth:
    15. 

  15. 

  16.     # 1: static credentials
    17. 

  17.     # point to a secret that contains static credentials
    18. 

  18.     # like AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY
    19. 

  19.     secretRef:
    20. 

  20.       accessKeyIDSecretRef:
    21. 

  21.         name: "my-aws-creds"
    22. 

  22.         key: "key-id"
    23. 

  23.       secretAccessKeySecretRef:
    24. 

  24.         name: "my-aws-creds"
    25. 

  25.         key: "access-secret"
    26. 

  26. 

  27.     # option 2: IAM Roles for Service Accounts
    28. 

  28.     # point to a service account that should be used
    29. 

  29.     # that is configured for IAM Roles for Service Accounts (IRSA)
    30. 

  30.     jwt:
    31. 

  31.       serviceAccountRef:
    32. 

  32.         name: "oci-token-sync"
    33.