index.html 91 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761276227632764276527662767276827692770277127722773277427752776277727782779278027812782278327842785278627872788278927902791279227932794279527962797279827992800280128022803280428052806280728082809281028112812281328142815281628172818281928202821282228232824282528262827282828292830283128322833283428352836283728382839284028412842284328442845284628472848284928502851285228532854285528562857285828592860286128622863286428652866286728682869287028712872287328742875287628772878287928802881288228832884288528862887288828892890289128922893289428952896289728982899290029012902290329042905290629072908290929102911291229132914291529162917291829192920292129222923292429252926292729282929293029312932293329342935293629372938293929402941294229432944294529462947294829492950295129522953295429552956295729582959296029612962296329642965296629672968296929702971297229732974297529762977297829792980298129822983298429852986298729882989299029912992299329942995299629972998299930003001300230033004300530063007300830093010301130123013301430153016301730183019302030213022302330243025302630273028302930303031303230333034303530363037303830393040304130423043304430453046304730483049305030513052305330543055305630573058305930603061306230633064306530663067306830693070307130723073307430753076307730783079308030813082308330843085308630873088308930903091309230933094309530963097309830993100310131023103310431053106310731083109311031113112311331143115311631173118311931203121312231233124312531263127312831293130313131323133313431353136313731383139314031413142314331443145314631473148314931503151315231533154315531563157315831593160316131623163316431653166316731683169317031713172317331743175317631773178317931803181318231833184318531863187318831893190319131923193319431953196319731983199320032013202320332043205320632073208320932103211321232133214321532163217321832193220322132223223322432253226322732283229323032313232323332343235323632373238323932403241324232433244324532463247324832493250325132523253325432553256325732583259326032613262326332643265326632673268326932703271327232733274327532763277327832793280328132823283328432853286328732883289329032913292329332943295329632973298329933003301330233033304330533063307330833093310331133123313331433153316331733183319332033213322332333243325332633273328332933303331333233333334333533363337333833393340334133423343334433453346334733483349335033513352335333543355335633573358335933603361336233633364336533663367336833693370337133723373337433753376337733783379338033813382338333843385338633873388338933903391339233933394339533963397339833993400340134023403340434053406340734083409341034113412341334143415341634173418341934203421342234233424342534263427342834293430343134323433343434353436343734383439344034413442344334443445344634473448344934503451345234533454345534563457345834593460346134623463346434653466346734683469347034713472347334743475347634773478347934803481348234833484348534863487348834893490349134923493349434953496349734983499350035013502350335043505350635073508350935103511351235133514351535163517351835193520352135223523352435253526352735283529353035313532353335343535353635373538353935403541354235433544354535463547354835493550355135523553355435553556355735583559356035613562356335643565356635673568356935703571357235733574357535763577357835793580358135823583358435853586358735883589359035913592359335943595359635973598359936003601360236033604360536063607360836093610361136123613361436153616361736183619362036213622362336243625362636273628362936303631363236333634363536363637363836393640364136423643364436453646364736483649365036513652365336543655365636573658365936603661366236633664366536663667366836693670367136723673367436753676367736783679368036813682368336843685368636873688368936903691369236933694369536963697369836993700370137023703370437053706370737083709371037113712371337143715371637173718371937203721372237233724372537263727372837293730373137323733373437353736373737383739374037413742374337443745374637473748374937503751375237533754375537563757375837593760376137623763376437653766376737683769377037713772377337743775377637773778377937803781378237833784378537863787378837893790379137923793379437953796379737983799380038013802380338043805380638073808380938103811381238133814381538163817381838193820382138223823382438253826382738283829383038313832383338343835383638373838383938403841384238433844384538463847384838493850385138523853385438553856385738583859386038613862386338643865386638673868386938703871387238733874387538763877387838793880388138823883388438853886388738883889389038913892389338943895389638973898389939003901390239033904390539063907390839093910391139123913391439153916391739183919392039213922392339243925392639273928392939303931393239333934393539363937393839393940394139423943394439453946394739483949395039513952395339543955395639573958395939603961396239633964396539663967396839693970397139723973397439753976397739783979
  1. <!doctype html>
  2. <html lang="en" class="no-js">
  3. <head>
  4. <meta charset="utf-8">
  5. <meta name="viewport" content="width=device-width,initial-scale=1">
  6. <link rel="prev" href="../chef/">
  7. <link rel="next" href="../device42/">
  8. <link rel="icon" href="../../pictures/eso-round-logo.svg">
  9. <meta name="generator" content="mkdocs-1.6.1, mkdocs-material-9.5.42">
  10. <title>CyberArk Conjur - External Secrets Operator</title>
  11. <link rel="stylesheet" href="../../assets/stylesheets/main.0253249f.min.css">
  12. <link rel="stylesheet" href="../../assets/stylesheets/palette.06af60db.min.css">
  13. <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
  14. <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback">
  15. <style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
  16. <script>__md_scope=new URL("../..",location),__md_hash=e=>[...e].reduce(((e,_)=>(e<<5)-e+_.charCodeAt(0)),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
  17. <script id="__analytics">function __md_analytics(){function e(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],e("js",new Date),e("config","G-QP38TD8K7V"),document.addEventListener("DOMContentLoaded",(function(){document.forms.search&&document.forms.search.query.addEventListener("blur",(function(){this.value&&e("event","search",{search_term:this.value})}));document$.subscribe((function(){var t=document.forms.feedback;if(void 0!==t)for(var a of t.querySelectorAll("[type=submit]"))a.addEventListener("click",(function(a){a.preventDefault();var n=document.location.pathname,d=this.getAttribute("data-md-value");e("event","feedback",{page:n,data:d}),t.firstElementChild.disabled=!0;var r=t.querySelector(".md-feedback__note [data-md-value='"+d+"']");r&&(r.hidden=!1)})),t.hidden=!1})),location$.subscribe((function(t){e("config","G-QP38TD8K7V",{page_path:t.pathname})}))}));var t=document.createElement("script");t.async=!0,t.src="https://www.googletagmanager.com/gtag/js?id=G-QP38TD8K7V",document.getElementById("__analytics").insertAdjacentElement("afterEnd",t)}</script>
  18. <script>"undefined"!=typeof __md_analytics&&__md_analytics()</script>
  19. </head>
  20. <body dir="ltr" data-md-color-scheme="default" data-md-color-primary="indigo" data-md-color-accent="indigo">
  21. <input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
  22. <input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
  23. <label class="md-overlay" for="__drawer"></label>
  24. <div data-md-component="skip">
  25. <a href="#conjur-provider" class="md-skip">
  26. Skip to content
  27. </a>
  28. </div>
  29. <div data-md-component="announce">
  30. </div>
  31. <div data-md-color-scheme="default" data-md-component="outdated" hidden>
  32. <aside class="md-banner md-banner--warning">
  33. <div class="md-banner__inner md-grid md-typeset">
  34. You're not viewing the latest version.
  35. <a href="../../..">
  36. <strong>Click here to go to latest.</strong>
  37. </a>
  38. </div>
  39. <script>var el=document.querySelector("[data-md-component=outdated]"),outdated=__md_get("__outdated",sessionStorage);!0===outdated&&el&&(el.hidden=!1)</script>
  40. </aside>
  41. </div>
  42. <header class="md-header" data-md-component="header">
  43. <nav class="md-header__inner md-grid" aria-label="Header">
  44. <a href="../.." title="External Secrets Operator" class="md-header__button md-logo" aria-label="External Secrets Operator" data-md-component="logo">
  45. <img src="../../pictures/eso-round-logo.svg" alt="logo">
  46. </a>
  47. <label class="md-header__button md-icon" for="__drawer">
  48. <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3zm0 5h18v2H3zm0 5h18v2H3z"/></svg>
  49. </label>
  50. <div class="md-header__title" data-md-component="header-title">
  51. <div class="md-header__ellipsis">
  52. <div class="md-header__topic">
  53. <span class="md-ellipsis">
  54. External Secrets Operator
  55. </span>
  56. </div>
  57. <div class="md-header__topic" data-md-component="header-topic">
  58. <span class="md-ellipsis">
  59. CyberArk Conjur
  60. </span>
  61. </div>
  62. </div>
  63. </div>
  64. <form class="md-header__option" data-md-component="palette">
  65. <input class="md-option" data-md-color-media="(prefers-color-scheme: light)" data-md-color-scheme="default" data-md-color-primary="indigo" data-md-color-accent="indigo" aria-label="Switch to dark mode" type="radio" name="__palette" id="__palette_0">
  66. <label class="md-header__button md-icon" title="Switch to dark mode" for="__palette_1" hidden>
  67. <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a4 4 0 0 0-4 4 4 4 0 0 0 4 4 4 4 0 0 0 4-4 4 4 0 0 0-4-4m0 10a6 6 0 0 1-6-6 6 6 0 0 1 6-6 6 6 0 0 1 6 6 6 6 0 0 1-6 6m8-9.31V4h-4.69L12 .69 8.69 4H4v4.69L.69 12 4 15.31V20h4.69L12 23.31 15.31 20H20v-4.69L23.31 12z"/></svg>
  68. </label>
  69. <input class="md-option" data-md-color-media="(prefers-color-scheme: dark)" data-md-color-scheme="slate" data-md-color-primary="indigo" data-md-color-accent="indigo" aria-label="Switch to light mode" type="radio" name="__palette" id="__palette_1">
  70. <label class="md-header__button md-icon" title="Switch to light mode" for="__palette_0" hidden>
  71. <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 18c-.89 0-1.74-.2-2.5-.55C11.56 16.5 13 14.42 13 12s-1.44-4.5-3.5-5.45C10.26 6.2 11.11 6 12 6a6 6 0 0 1 6 6 6 6 0 0 1-6 6m8-9.31V4h-4.69L12 .69 8.69 4H4v4.69L.69 12 4 15.31V20h4.69L12 23.31 15.31 20H20v-4.69L23.31 12z"/></svg>
  72. </label>
  73. </form>
  74. <script>var palette=__md_get("__palette");if(palette&&palette.color){if("(prefers-color-scheme)"===palette.color.media){var media=matchMedia("(prefers-color-scheme: light)"),input=document.querySelector(media.matches?"[data-md-color-media='(prefers-color-scheme: light)']":"[data-md-color-media='(prefers-color-scheme: dark)']");palette.color.media=input.getAttribute("data-md-color-media"),palette.color.scheme=input.getAttribute("data-md-color-scheme"),palette.color.primary=input.getAttribute("data-md-color-primary"),palette.color.accent=input.getAttribute("data-md-color-accent")}for(var[key,value]of Object.entries(palette.color))document.body.setAttribute("data-md-color-"+key,value)}</script>
  75. <label class="md-header__button md-icon" for="__search">
  76. <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.52 6.52 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5"/></svg>
  77. </label>
  78. <div class="md-search" data-md-component="search" role="dialog">
  79. <label class="md-search__overlay" for="__search"></label>
  80. <div class="md-search__inner" role="search">
  81. <form class="md-search__form" name="search">
  82. <input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
  83. <label class="md-search__icon md-icon" for="__search">
  84. <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.52 6.52 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5"/></svg>
  85. <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11z"/></svg>
  86. </label>
  87. <nav class="md-search__options" aria-label="Search">
  88. <button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
  89. <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12z"/></svg>
  90. </button>
  91. </nav>
  92. </form>
  93. <div class="md-search__output">
  94. <div class="md-search__scrollwrap" tabindex="0" data-md-scrollfix>
  95. <div class="md-search-result" data-md-component="search-result">
  96. <div class="md-search-result__meta">
  97. Initializing search
  98. </div>
  99. <ol class="md-search-result__list" role="presentation"></ol>
  100. </div>
  101. </div>
  102. </div>
  103. </div>
  104. </div>
  105. <div class="md-header__source">
  106. <a href="https://github.com/external-secrets/external-secrets" title="Go to repository" class="md-source" data-md-component="source">
  107. <div class="md-source__icon md-icon">
  108. <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.6.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2024 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81"/></svg>
  109. </div>
  110. <div class="md-source__repository">
  111. External Secrets Operator
  112. </div>
  113. </a>
  114. </div>
  115. </nav>
  116. </header>
  117. <div class="md-container" data-md-component="container">
  118. <nav class="md-tabs" aria-label="Tabs" data-md-component="tabs">
  119. <div class="md-grid">
  120. <ul class="md-tabs__list">
  121. <li class="md-tabs__item">
  122. <a href="../.." class="md-tabs__link">
  123. Introduction
  124. </a>
  125. </li>
  126. <li class="md-tabs__item">
  127. <a href="../../api/components/" class="md-tabs__link">
  128. API
  129. </a>
  130. </li>
  131. <li class="md-tabs__item">
  132. <a href="../../guides/introduction/" class="md-tabs__link">
  133. Guides
  134. </a>
  135. </li>
  136. <li class="md-tabs__item md-tabs__item--active">
  137. <a href="../aws-secrets-manager/" class="md-tabs__link">
  138. Provider
  139. </a>
  140. </li>
  141. <li class="md-tabs__item">
  142. <a href="../../examples/gitops-using-fluxcd/" class="md-tabs__link">
  143. Examples
  144. </a>
  145. </li>
  146. <li class="md-tabs__item">
  147. <a href="../../contributing/devguide/" class="md-tabs__link">
  148. Community
  149. </a>
  150. </li>
  151. </ul>
  152. </div>
  153. </nav>
  154. <main class="md-main" data-md-component="main">
  155. <div class="md-main__inner md-grid">
  156. <div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
  157. <div class="md-sidebar__scrollwrap">
  158. <div class="md-sidebar__inner">
  159. <nav class="md-nav md-nav--primary md-nav--lifted" aria-label="Navigation" data-md-level="0">
  160. <label class="md-nav__title" for="__drawer">
  161. <a href="../.." title="External Secrets Operator" class="md-nav__button md-logo" aria-label="External Secrets Operator" data-md-component="logo">
  162. <img src="../../pictures/eso-round-logo.svg" alt="logo">
  163. </a>
  164. External Secrets Operator
  165. </label>
  166. <div class="md-nav__source">
  167. <a href="https://github.com/external-secrets/external-secrets" title="Go to repository" class="md-source" data-md-component="source">
  168. <div class="md-source__icon md-icon">
  169. <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.6.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2024 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81"/></svg>
  170. </div>
  171. <div class="md-source__repository">
  172. External Secrets Operator
  173. </div>
  174. </a>
  175. </div>
  176. <ul class="md-nav__list" data-md-scrollfix>
  177. <li class="md-nav__item md-nav__item--nested">
  178. <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_1" >
  179. <div class="md-nav__link md-nav__container">
  180. <a href="../.." class="md-nav__link ">
  181. <span class="md-ellipsis">
  182. Introduction
  183. </span>
  184. </a>
  185. <label class="md-nav__link " for="__nav_1" id="__nav_1_label" tabindex="0">
  186. <span class="md-nav__icon md-icon"></span>
  187. </label>
  188. </div>
  189. <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_1_label" aria-expanded="false">
  190. <label class="md-nav__title" for="__nav_1">
  191. <span class="md-nav__icon md-icon"></span>
  192. Introduction
  193. </label>
  194. <ul class="md-nav__list" data-md-scrollfix>
  195. <li class="md-nav__item">
  196. <a href="../../introduction/overview/" class="md-nav__link">
  197. <span class="md-ellipsis">
  198. Overview
  199. </span>
  200. </a>
  201. </li>
  202. <li class="md-nav__item">
  203. <a href="../../introduction/getting-started/" class="md-nav__link">
  204. <span class="md-ellipsis">
  205. Getting started
  206. </span>
  207. </a>
  208. </li>
  209. <li class="md-nav__item">
  210. <a href="../../introduction/faq/" class="md-nav__link">
  211. <span class="md-ellipsis">
  212. FAQ
  213. </span>
  214. </a>
  215. </li>
  216. <li class="md-nav__item">
  217. <a href="../../introduction/stability-support/" class="md-nav__link">
  218. <span class="md-ellipsis">
  219. Stability and Support
  220. </span>
  221. </a>
  222. </li>
  223. <li class="md-nav__item">
  224. <a href="../../introduction/deprecation-policy/" class="md-nav__link">
  225. <span class="md-ellipsis">
  226. Deprecation Policy
  227. </span>
  228. </a>
  229. </li>
  230. </ul>
  231. </nav>
  232. </li>
  233. <li class="md-nav__item md-nav__item--nested">
  234. <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_2" >
  235. <label class="md-nav__link" for="__nav_2" id="__nav_2_label" tabindex="0">
  236. <span class="md-ellipsis">
  237. API
  238. </span>
  239. <span class="md-nav__icon md-icon"></span>
  240. </label>
  241. <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_2_label" aria-expanded="false">
  242. <label class="md-nav__title" for="__nav_2">
  243. <span class="md-nav__icon md-icon"></span>
  244. API
  245. </label>
  246. <ul class="md-nav__list" data-md-scrollfix>
  247. <li class="md-nav__item">
  248. <a href="../../api/components/" class="md-nav__link">
  249. <span class="md-ellipsis">
  250. Components
  251. </span>
  252. </a>
  253. </li>
  254. <li class="md-nav__item md-nav__item--nested">
  255. <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_2_2" >
  256. <label class="md-nav__link" for="__nav_2_2" id="__nav_2_2_label" tabindex="0">
  257. <span class="md-ellipsis">
  258. Core Resources
  259. </span>
  260. <span class="md-nav__icon md-icon"></span>
  261. </label>
  262. <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_2_2_label" aria-expanded="false">
  263. <label class="md-nav__title" for="__nav_2_2">
  264. <span class="md-nav__icon md-icon"></span>
  265. Core Resources
  266. </label>
  267. <ul class="md-nav__list" data-md-scrollfix>
  268. <li class="md-nav__item">
  269. <a href="../../api/externalsecret/" class="md-nav__link">
  270. <span class="md-ellipsis">
  271. ExternalSecret
  272. </span>
  273. </a>
  274. </li>
  275. <li class="md-nav__item">
  276. <a href="../../api/secretstore/" class="md-nav__link">
  277. <span class="md-ellipsis">
  278. SecretStore
  279. </span>
  280. </a>
  281. </li>
  282. <li class="md-nav__item">
  283. <a href="../../api/clustersecretstore/" class="md-nav__link">
  284. <span class="md-ellipsis">
  285. ClusterSecretStore
  286. </span>
  287. </a>
  288. </li>
  289. <li class="md-nav__item">
  290. <a href="../../api/clusterexternalsecret/" class="md-nav__link">
  291. <span class="md-ellipsis">
  292. ClusterExternalSecret
  293. </span>
  294. </a>
  295. </li>
  296. <li class="md-nav__item">
  297. <a href="../../api/pushsecret/" class="md-nav__link">
  298. <span class="md-ellipsis">
  299. PushSecret
  300. </span>
  301. </a>
  302. </li>
  303. </ul>
  304. </nav>
  305. </li>
  306. <li class="md-nav__item md-nav__item--nested">
  307. <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_2_3" >
  308. <div class="md-nav__link md-nav__container">
  309. <a href="../../api/generator/" class="md-nav__link ">
  310. <span class="md-ellipsis">
  311. Generators
  312. </span>
  313. </a>
  314. <label class="md-nav__link " for="__nav_2_3" id="__nav_2_3_label" tabindex="0">
  315. <span class="md-nav__icon md-icon"></span>
  316. </label>
  317. </div>
  318. <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_2_3_label" aria-expanded="false">
  319. <label class="md-nav__title" for="__nav_2_3">
  320. <span class="md-nav__icon md-icon"></span>
  321. Generators
  322. </label>
  323. <ul class="md-nav__list" data-md-scrollfix>
  324. <li class="md-nav__item">
  325. <a href="../../api/generator/acr/" class="md-nav__link">
  326. <span class="md-ellipsis">
  327. Azure Container Registry
  328. </span>
  329. </a>
  330. </li>
  331. <li class="md-nav__item">
  332. <a href="../../api/generator/ecr/" class="md-nav__link">
  333. <span class="md-ellipsis">
  334. AWS Elastic Container Registry
  335. </span>
  336. </a>
  337. </li>
  338. <li class="md-nav__item">
  339. <a href="../../api/generator/gcr/" class="md-nav__link">
  340. <span class="md-ellipsis">
  341. Google Container Registry
  342. </span>
  343. </a>
  344. </li>
  345. <li class="md-nav__item">
  346. <a href="../../api/generator/vault/" class="md-nav__link">
  347. <span class="md-ellipsis">
  348. Vault Dynamic Secret
  349. </span>
  350. </a>
  351. </li>
  352. <li class="md-nav__item">
  353. <a href="../../api/generator/password/" class="md-nav__link">
  354. <span class="md-ellipsis">
  355. Password
  356. </span>
  357. </a>
  358. </li>
  359. <li class="md-nav__item">
  360. <a href="../../api/generator/fake/" class="md-nav__link">
  361. <span class="md-ellipsis">
  362. Fake
  363. </span>
  364. </a>
  365. </li>
  366. <li class="md-nav__item">
  367. <a href="../../api/generator/webhook/" class="md-nav__link">
  368. <span class="md-ellipsis">
  369. Webhook
  370. </span>
  371. </a>
  372. </li>
  373. <li class="md-nav__item">
  374. <a href="../../api/generator/github/" class="md-nav__link">
  375. <span class="md-ellipsis">
  376. Github
  377. </span>
  378. </a>
  379. </li>
  380. <li class="md-nav__item">
  381. <a href="../../api/generator/uuid/" class="md-nav__link">
  382. <span class="md-ellipsis">
  383. UUID
  384. </span>
  385. </a>
  386. </li>
  387. </ul>
  388. </nav>
  389. </li>
  390. <li class="md-nav__item md-nav__item--nested">
  391. <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_2_4" >
  392. <label class="md-nav__link" for="__nav_2_4" id="__nav_2_4_label" tabindex="0">
  393. <span class="md-ellipsis">
  394. Reference Docs
  395. </span>
  396. <span class="md-nav__icon md-icon"></span>
  397. </label>
  398. <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_2_4_label" aria-expanded="false">
  399. <label class="md-nav__title" for="__nav_2_4">
  400. <span class="md-nav__icon md-icon"></span>
  401. Reference Docs
  402. </label>
  403. <ul class="md-nav__list" data-md-scrollfix>
  404. <li class="md-nav__item">
  405. <a href="../../api/spec/" class="md-nav__link">
  406. <span class="md-ellipsis">
  407. API specification
  408. </span>
  409. </a>
  410. </li>
  411. <li class="md-nav__item">
  412. <a href="../../api/controller-options/" class="md-nav__link">
  413. <span class="md-ellipsis">
  414. Controller Options
  415. </span>
  416. </a>
  417. </li>
  418. <li class="md-nav__item">
  419. <a href="../../api/metrics/" class="md-nav__link">
  420. <span class="md-ellipsis">
  421. Metrics
  422. </span>
  423. </a>
  424. </li>
  425. </ul>
  426. </nav>
  427. </li>
  428. </ul>
  429. </nav>
  430. </li>
  431. <li class="md-nav__item md-nav__item--nested">
  432. <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_3" >
  433. <label class="md-nav__link" for="__nav_3" id="__nav_3_label" tabindex="0">
  434. <span class="md-ellipsis">
  435. Guides
  436. </span>
  437. <span class="md-nav__icon md-icon"></span>
  438. </label>
  439. <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_3_label" aria-expanded="false">
  440. <label class="md-nav__title" for="__nav_3">
  441. <span class="md-nav__icon md-icon"></span>
  442. Guides
  443. </label>
  444. <ul class="md-nav__list" data-md-scrollfix>
  445. <li class="md-nav__item">
  446. <a href="../../guides/introduction/" class="md-nav__link">
  447. <span class="md-ellipsis">
  448. Introduction
  449. </span>
  450. </a>
  451. </li>
  452. <li class="md-nav__item md-nav__item--nested">
  453. <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_3_2" >
  454. <label class="md-nav__link" for="__nav_3_2" id="__nav_3_2_label" tabindex="0">
  455. <span class="md-ellipsis">
  456. External Secrets
  457. </span>
  458. <span class="md-nav__icon md-icon"></span>
  459. </label>
  460. <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_3_2_label" aria-expanded="false">
  461. <label class="md-nav__title" for="__nav_3_2">
  462. <span class="md-nav__icon md-icon"></span>
  463. External Secrets
  464. </label>
  465. <ul class="md-nav__list" data-md-scrollfix>
  466. <li class="md-nav__item">
  467. <a href="../../guides/all-keys-one-secret/" class="md-nav__link">
  468. <span class="md-ellipsis">
  469. Extract structured data
  470. </span>
  471. </a>
  472. </li>
  473. <li class="md-nav__item">
  474. <a href="../../guides/getallsecrets/" class="md-nav__link">
  475. <span class="md-ellipsis">
  476. Find Secrets by Name or Metadata
  477. </span>
  478. </a>
  479. </li>
  480. <li class="md-nav__item">
  481. <a href="../../guides/datafrom-rewrite/" class="md-nav__link">
  482. <span class="md-ellipsis">
  483. Rewriting Keys
  484. </span>
  485. </a>
  486. </li>
  487. <li class="md-nav__item md-nav__item--nested">
  488. <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_3_2_4" >
  489. <label class="md-nav__link" for="__nav_3_2_4" id="__nav_3_2_4_label" tabindex="0">
  490. <span class="md-ellipsis">
  491. Advanced Templating
  492. </span>
  493. <span class="md-nav__icon md-icon"></span>
  494. </label>
  495. <nav class="md-nav" data-md-level="3" aria-labelledby="__nav_3_2_4_label" aria-expanded="false">
  496. <label class="md-nav__title" for="__nav_3_2_4">
  497. <span class="md-nav__icon md-icon"></span>
  498. Advanced Templating
  499. </label>
  500. <ul class="md-nav__list" data-md-scrollfix>
  501. <li class="md-nav__item">
  502. <a href="../../guides/templating/" class="md-nav__link">
  503. <span class="md-ellipsis">
  504. v2
  505. </span>
  506. </a>
  507. </li>
  508. <li class="md-nav__item">
  509. <a href="../../guides/templating-v1/" class="md-nav__link">
  510. <span class="md-ellipsis">
  511. v1
  512. </span>
  513. </a>
  514. </li>
  515. </ul>
  516. </nav>
  517. </li>
  518. <li class="md-nav__item">
  519. <a href="../../guides/common-k8s-secret-types/" class="md-nav__link">
  520. <span class="md-ellipsis">
  521. Kubernetes Secret Types
  522. </span>
  523. </a>
  524. </li>
  525. <li class="md-nav__item">
  526. <a href="../../guides/ownership-deletion-policy/" class="md-nav__link">
  527. <span class="md-ellipsis">
  528. Lifecycle: ownership & deletion
  529. </span>
  530. </a>
  531. </li>
  532. <li class="md-nav__item">
  533. <a href="../../guides/decoding-strategy/" class="md-nav__link">
  534. <span class="md-ellipsis">
  535. Decoding Strategies
  536. </span>
  537. </a>
  538. </li>
  539. <li class="md-nav__item">
  540. <a href="../../guides/controller-class/" class="md-nav__link">
  541. <span class="md-ellipsis">
  542. Controller Classes
  543. </span>
  544. </a>
  545. </li>
  546. </ul>
  547. </nav>
  548. </li>
  549. <li class="md-nav__item">
  550. <a href="../../guides/generator/" class="md-nav__link">
  551. <span class="md-ellipsis">
  552. Generators
  553. </span>
  554. </a>
  555. </li>
  556. <li class="md-nav__item">
  557. <a href="../../guides/pushsecrets/" class="md-nav__link">
  558. <span class="md-ellipsis">
  559. Push Secrets
  560. </span>
  561. </a>
  562. </li>
  563. <li class="md-nav__item md-nav__item--nested">
  564. <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_3_5" >
  565. <label class="md-nav__link" for="__nav_3_5" id="__nav_3_5_label" tabindex="0">
  566. <span class="md-ellipsis">
  567. Operations
  568. </span>
  569. <span class="md-nav__icon md-icon"></span>
  570. </label>
  571. <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_3_5_label" aria-expanded="false">
  572. <label class="md-nav__title" for="__nav_3_5">
  573. <span class="md-nav__icon md-icon"></span>
  574. Operations
  575. </label>
  576. <ul class="md-nav__list" data-md-scrollfix>
  577. <li class="md-nav__item">
  578. <a href="../../guides/multi-tenancy/" class="md-nav__link">
  579. <span class="md-ellipsis">
  580. Multi Tenancy
  581. </span>
  582. </a>
  583. </li>
  584. <li class="md-nav__item">
  585. <a href="../../guides/security-best-practices/" class="md-nav__link">
  586. <span class="md-ellipsis">
  587. Security Best Practices
  588. </span>
  589. </a>
  590. </li>
  591. <li class="md-nav__item">
  592. <a href="../../guides/threat-model/" class="md-nav__link">
  593. <span class="md-ellipsis">
  594. Threat Model
  595. </span>
  596. </a>
  597. </li>
  598. <li class="md-nav__item">
  599. <a href="../../guides/v1beta1/" class="md-nav__link">
  600. <span class="md-ellipsis">
  601. Upgrading to v1beta1
  602. </span>
  603. </a>
  604. </li>
  605. <li class="md-nav__item">
  606. <a href="../../guides/using-latest-image/" class="md-nav__link">
  607. <span class="md-ellipsis">
  608. Using Latest Image
  609. </span>
  610. </a>
  611. </li>
  612. <li class="md-nav__item">
  613. <a href="../../guides/disable-cluster-features/" class="md-nav__link">
  614. <span class="md-ellipsis">
  615. Disable Cluster Features
  616. </span>
  617. </a>
  618. </li>
  619. </ul>
  620. </nav>
  621. </li>
  622. </ul>
  623. </nav>
  624. </li>
  625. <li class="md-nav__item md-nav__item--active md-nav__item--section md-nav__item--nested">
  626. <input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_4" checked>
  627. <label class="md-nav__link" for="__nav_4" id="__nav_4_label" tabindex="">
  628. <span class="md-ellipsis">
  629. Provider
  630. </span>
  631. <span class="md-nav__icon md-icon"></span>
  632. </label>
  633. <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_4_label" aria-expanded="true">
  634. <label class="md-nav__title" for="__nav_4">
  635. <span class="md-nav__icon md-icon"></span>
  636. Provider
  637. </label>
  638. <ul class="md-nav__list" data-md-scrollfix>
  639. <li class="md-nav__item">
  640. <a href="../aws-secrets-manager/" class="md-nav__link">
  641. <span class="md-ellipsis">
  642. AWS Secrets Manager
  643. </span>
  644. </a>
  645. </li>
  646. <li class="md-nav__item">
  647. <a href="../aws-parameter-store/" class="md-nav__link">
  648. <span class="md-ellipsis">
  649. AWS Parameter Store
  650. </span>
  651. </a>
  652. </li>
  653. <li class="md-nav__item">
  654. <a href="../azure-key-vault/" class="md-nav__link">
  655. <span class="md-ellipsis">
  656. Azure Key Vault
  657. </span>
  658. </a>
  659. </li>
  660. <li class="md-nav__item">
  661. <a href="../beyondtrust/" class="md-nav__link">
  662. <span class="md-ellipsis">
  663. BeyondTrust
  664. </span>
  665. </a>
  666. </li>
  667. <li class="md-nav__item">
  668. <a href="../bitwarden-secrets-manager/" class="md-nav__link">
  669. <span class="md-ellipsis">
  670. Bitwarden Secrets Manager
  671. </span>
  672. </a>
  673. </li>
  674. <li class="md-nav__item">
  675. <a href="../chef/" class="md-nav__link">
  676. <span class="md-ellipsis">
  677. Chef
  678. </span>
  679. </a>
  680. </li>
  681. <li class="md-nav__item md-nav__item--active">
  682. <input class="md-nav__toggle md-toggle" type="checkbox" id="__toc">
  683. <label class="md-nav__link md-nav__link--active" for="__toc">
  684. <span class="md-ellipsis">
  685. CyberArk Conjur
  686. </span>
  687. <span class="md-nav__icon md-icon"></span>
  688. </label>
  689. <a href="./" class="md-nav__link md-nav__link--active">
  690. <span class="md-ellipsis">
  691. CyberArk Conjur
  692. </span>
  693. </a>
  694. <nav class="md-nav md-nav--secondary" aria-label="Table of contents">
  695. <label class="md-nav__title" for="__toc">
  696. <span class="md-nav__icon md-icon"></span>
  697. Table of contents
  698. </label>
  699. <ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
  700. <li class="md-nav__item">
  701. <a href="#conjur-provider" class="md-nav__link">
  702. <span class="md-ellipsis">
  703. Conjur Provider
  704. </span>
  705. </a>
  706. <nav class="md-nav" aria-label="Conjur Provider">
  707. <ul class="md-nav__list">
  708. <li class="md-nav__item">
  709. <a href="#prerequisites" class="md-nav__link">
  710. <span class="md-ellipsis">
  711. Prerequisites
  712. </span>
  713. </a>
  714. </li>
  715. <li class="md-nav__item">
  716. <a href="#conjur-server-certificate" class="md-nav__link">
  717. <span class="md-ellipsis">
  718. Conjur server certificate
  719. </span>
  720. </a>
  721. </li>
  722. <li class="md-nav__item">
  723. <a href="#external-secret-store" class="md-nav__link">
  724. <span class="md-ellipsis">
  725. External secret store
  726. </span>
  727. </a>
  728. <nav class="md-nav" aria-label="External secret store">
  729. <ul class="md-nav__list">
  730. <li class="md-nav__item">
  731. <a href="#option-1-external-secret-store-with-apikey-authentication" class="md-nav__link">
  732. <span class="md-ellipsis">
  733. Option 1: External secret store with apiKey authentication
  734. </span>
  735. </a>
  736. <nav class="md-nav" aria-label="Option 1: External secret store with apiKey authentication">
  737. <ul class="md-nav__list">
  738. <li class="md-nav__item">
  739. <a href="#step-1-define-an-external-secret-store" class="md-nav__link">
  740. <span class="md-ellipsis">
  741. Step 1: Define an external secret store
  742. </span>
  743. </a>
  744. </li>
  745. <li class="md-nav__item">
  746. <a href="#step-2-create-kubernetes-secrets-for-conjur-credentials" class="md-nav__link">
  747. <span class="md-ellipsis">
  748. Step 2: Create Kubernetes secrets for Conjur credentials
  749. </span>
  750. </a>
  751. </li>
  752. <li class="md-nav__item">
  753. <a href="#step-3-create-the-external-secrets-store" class="md-nav__link">
  754. <span class="md-ellipsis">
  755. Step 3: Create the external secrets store
  756. </span>
  757. </a>
  758. </li>
  759. </ul>
  760. </nav>
  761. </li>
  762. <li class="md-nav__item">
  763. <a href="#option-2-external-secret-store-with-jwt-authentication" class="md-nav__link">
  764. <span class="md-ellipsis">
  765. Option 2: External secret store with JWT authentication
  766. </span>
  767. </a>
  768. <nav class="md-nav" aria-label="Option 2: External secret store with JWT authentication">
  769. <ul class="md-nav__list">
  770. <li class="md-nav__item">
  771. <a href="#step-1-define-an-external-secret-store_1" class="md-nav__link">
  772. <span class="md-ellipsis">
  773. Step 1: Define an external secret store
  774. </span>
  775. </a>
  776. </li>
  777. <li class="md-nav__item">
  778. <a href="#step-2-create-the-external-secrets-store" class="md-nav__link">
  779. <span class="md-ellipsis">
  780. Step 2: Create the external secrets store
  781. </span>
  782. </a>
  783. </li>
  784. </ul>
  785. </nav>
  786. </li>
  787. </ul>
  788. </nav>
  789. </li>
  790. <li class="md-nav__item">
  791. <a href="#define-an-external-secret" class="md-nav__link">
  792. <span class="md-ellipsis">
  793. Define an external secret
  794. </span>
  795. </a>
  796. <nav class="md-nav" aria-label="Define an external secret">
  797. <ul class="md-nav__list">
  798. <li class="md-nav__item">
  799. <a href="#find-by-name-and-find-by-tag" class="md-nav__link">
  800. <span class="md-ellipsis">
  801. Find by Name and Find by Tag
  802. </span>
  803. </a>
  804. </li>
  805. </ul>
  806. </nav>
  807. </li>
  808. <li class="md-nav__item">
  809. <a href="#create-the-external-secret" class="md-nav__link">
  810. <span class="md-ellipsis">
  811. Create the external secret
  812. </span>
  813. </a>
  814. </li>
  815. <li class="md-nav__item">
  816. <a href="#get-the-k8s-secret" class="md-nav__link">
  817. <span class="md-ellipsis">
  818. Get the K8s secret
  819. </span>
  820. </a>
  821. </li>
  822. <li class="md-nav__item">
  823. <a href="#see-also" class="md-nav__link">
  824. <span class="md-ellipsis">
  825. See also
  826. </span>
  827. </a>
  828. </li>
  829. <li class="md-nav__item">
  830. <a href="#license" class="md-nav__link">
  831. <span class="md-ellipsis">
  832. License
  833. </span>
  834. </a>
  835. </li>
  836. </ul>
  837. </nav>
  838. </li>
  839. </ul>
  840. </nav>
  841. </li>
  842. <li class="md-nav__item">
  843. <a href="../device42/" class="md-nav__link">
  844. <span class="md-ellipsis">
  845. Device42
  846. </span>
  847. </a>
  848. </li>
  849. <li class="md-nav__item">
  850. <a href="../google-secrets-manager/" class="md-nav__link">
  851. <span class="md-ellipsis">
  852. Google Cloud Secret Manager
  853. </span>
  854. </a>
  855. </li>
  856. <li class="md-nav__item">
  857. <a href="../hashicorp-vault/" class="md-nav__link">
  858. <span class="md-ellipsis">
  859. HashiCorp Vault
  860. </span>
  861. </a>
  862. </li>
  863. <li class="md-nav__item">
  864. <a href="../kubernetes/" class="md-nav__link">
  865. <span class="md-ellipsis">
  866. Kubernetes
  867. </span>
  868. </a>
  869. </li>
  870. <li class="md-nav__item">
  871. <a href="../ibm-secrets-manager/" class="md-nav__link">
  872. <span class="md-ellipsis">
  873. IBM Secrets Manager
  874. </span>
  875. </a>
  876. </li>
  877. <li class="md-nav__item">
  878. <a href="../akeyless/" class="md-nav__link">
  879. <span class="md-ellipsis">
  880. Akeyless
  881. </span>
  882. </a>
  883. </li>
  884. <li class="md-nav__item">
  885. <a href="../yandex-certificate-manager/" class="md-nav__link">
  886. <span class="md-ellipsis">
  887. Yandex Certificate Manager
  888. </span>
  889. </a>
  890. </li>
  891. <li class="md-nav__item">
  892. <a href="../yandex-lockbox/" class="md-nav__link">
  893. <span class="md-ellipsis">
  894. Yandex Lockbox
  895. </span>
  896. </a>
  897. </li>
  898. <li class="md-nav__item">
  899. <a href="../alibaba/" class="md-nav__link">
  900. <span class="md-ellipsis">
  901. Alibaba Cloud
  902. </span>
  903. </a>
  904. </li>
  905. <li class="md-nav__item">
  906. <a href="../gitlab-variables/" class="md-nav__link">
  907. <span class="md-ellipsis">
  908. GitLab Variables
  909. </span>
  910. </a>
  911. </li>
  912. <li class="md-nav__item">
  913. <a href="../oracle-vault/" class="md-nav__link">
  914. <span class="md-ellipsis">
  915. Oracle Vault
  916. </span>
  917. </a>
  918. </li>
  919. <li class="md-nav__item">
  920. <a href="../1password-automation/" class="md-nav__link">
  921. <span class="md-ellipsis">
  922. 1Password Secrets Automation
  923. </span>
  924. </a>
  925. </li>
  926. <li class="md-nav__item">
  927. <a href="../webhook/" class="md-nav__link">
  928. <span class="md-ellipsis">
  929. Webhook
  930. </span>
  931. </a>
  932. </li>
  933. <li class="md-nav__item">
  934. <a href="../fake/" class="md-nav__link">
  935. <span class="md-ellipsis">
  936. Fake
  937. </span>
  938. </a>
  939. </li>
  940. <li class="md-nav__item">
  941. <a href="../senhasegura-dsm/" class="md-nav__link">
  942. <span class="md-ellipsis">
  943. senhasegura DevOps Secrets Management (DSM)
  944. </span>
  945. </a>
  946. </li>
  947. <li class="md-nav__item">
  948. <a href="../doppler/" class="md-nav__link">
  949. <span class="md-ellipsis">
  950. Doppler
  951. </span>
  952. </a>
  953. </li>
  954. <li class="md-nav__item">
  955. <a href="../keeper-security/" class="md-nav__link">
  956. <span class="md-ellipsis">
  957. Keeper Security
  958. </span>
  959. </a>
  960. </li>
  961. <li class="md-nav__item">
  962. <a href="../cloak/" class="md-nav__link">
  963. <span class="md-ellipsis">
  964. Cloak End 2 End Encrypted Secrets
  965. </span>
  966. </a>
  967. </li>
  968. <li class="md-nav__item">
  969. <a href="../scaleway/" class="md-nav__link">
  970. <span class="md-ellipsis">
  971. Scaleway
  972. </span>
  973. </a>
  974. </li>
  975. <li class="md-nav__item">
  976. <a href="../delinea/" class="md-nav__link">
  977. <span class="md-ellipsis">
  978. Delinea
  979. </span>
  980. </a>
  981. </li>
  982. <li class="md-nav__item">
  983. <a href="../secretserver/" class="md-nav__link">
  984. <span class="md-ellipsis">
  985. Secret Server
  986. </span>
  987. </a>
  988. </li>
  989. <li class="md-nav__item">
  990. <a href="../passbolt/" class="md-nav__link">
  991. <span class="md-ellipsis">
  992. Passbolt
  993. </span>
  994. </a>
  995. </li>
  996. <li class="md-nav__item">
  997. <a href="../pulumi/" class="md-nav__link">
  998. <span class="md-ellipsis">
  999. Pulumi ESC
  1000. </span>
  1001. </a>
  1002. </li>
  1003. <li class="md-nav__item">
  1004. <a href="../onboardbase/" class="md-nav__link">
  1005. <span class="md-ellipsis">
  1006. Onboardbase
  1007. </span>
  1008. </a>
  1009. </li>
  1010. <li class="md-nav__item">
  1011. <a href="../../provider-passworddepot/" class="md-nav__link">
  1012. <span class="md-ellipsis">
  1013. Password Depot
  1014. </span>
  1015. </a>
  1016. </li>
  1017. <li class="md-nav__item">
  1018. <a href="../fortanix/" class="md-nav__link">
  1019. <span class="md-ellipsis">
  1020. Fortanix
  1021. </span>
  1022. </a>
  1023. </li>
  1024. <li class="md-nav__item">
  1025. <a href="../infisical/" class="md-nav__link">
  1026. <span class="md-ellipsis">
  1027. Infisical
  1028. </span>
  1029. </a>
  1030. </li>
  1031. <li class="md-nav__item">
  1032. <a href="../previder/" class="md-nav__link">
  1033. <span class="md-ellipsis">
  1034. Previder
  1035. </span>
  1036. </a>
  1037. </li>
  1038. </ul>
  1039. </nav>
  1040. </li>
  1041. <li class="md-nav__item md-nav__item--nested">
  1042. <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_5" >
  1043. <label class="md-nav__link" for="__nav_5" id="__nav_5_label" tabindex="0">
  1044. <span class="md-ellipsis">
  1045. Examples
  1046. </span>
  1047. <span class="md-nav__icon md-icon"></span>
  1048. </label>
  1049. <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_5_label" aria-expanded="false">
  1050. <label class="md-nav__title" for="__nav_5">
  1051. <span class="md-nav__icon md-icon"></span>
  1052. Examples
  1053. </label>
  1054. <ul class="md-nav__list" data-md-scrollfix>
  1055. <li class="md-nav__item">
  1056. <a href="../../examples/gitops-using-fluxcd/" class="md-nav__link">
  1057. <span class="md-ellipsis">
  1058. FluxCD
  1059. </span>
  1060. </a>
  1061. </li>
  1062. <li class="md-nav__item">
  1063. <a href="../../examples/anchore-engine-credentials/" class="md-nav__link">
  1064. <span class="md-ellipsis">
  1065. Anchore Engine
  1066. </span>
  1067. </a>
  1068. </li>
  1069. <li class="md-nav__item">
  1070. <a href="../../examples/jenkins-kubernetes-credentials/" class="md-nav__link">
  1071. <span class="md-ellipsis">
  1072. Jenkins
  1073. </span>
  1074. </a>
  1075. </li>
  1076. <li class="md-nav__item">
  1077. <a href="../../examples/bitwarden/" class="md-nav__link">
  1078. <span class="md-ellipsis">
  1079. BitWarden
  1080. </span>
  1081. </a>
  1082. </li>
  1083. </ul>
  1084. </nav>
  1085. </li>
  1086. <li class="md-nav__item md-nav__item--nested">
  1087. <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_6" >
  1088. <label class="md-nav__link" for="__nav_6" id="__nav_6_label" tabindex="0">
  1089. <span class="md-ellipsis">
  1090. Community
  1091. </span>
  1092. <span class="md-nav__icon md-icon"></span>
  1093. </label>
  1094. <nav class="md-nav" data-md-level="1" aria-labelledby="__nav_6_label" aria-expanded="false">
  1095. <label class="md-nav__title" for="__nav_6">
  1096. <span class="md-nav__icon md-icon"></span>
  1097. Community
  1098. </label>
  1099. <ul class="md-nav__list" data-md-scrollfix>
  1100. <li class="md-nav__item md-nav__item--nested">
  1101. <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_6_1" >
  1102. <label class="md-nav__link" for="__nav_6_1" id="__nav_6_1_label" tabindex="0">
  1103. <span class="md-ellipsis">
  1104. Contributing
  1105. </span>
  1106. <span class="md-nav__icon md-icon"></span>
  1107. </label>
  1108. <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_6_1_label" aria-expanded="false">
  1109. <label class="md-nav__title" for="__nav_6_1">
  1110. <span class="md-nav__icon md-icon"></span>
  1111. Contributing
  1112. </label>
  1113. <ul class="md-nav__list" data-md-scrollfix>
  1114. <li class="md-nav__item">
  1115. <a href="../../contributing/devguide/" class="md-nav__link">
  1116. <span class="md-ellipsis">
  1117. Developer guide
  1118. </span>
  1119. </a>
  1120. </li>
  1121. <li class="md-nav__item">
  1122. <a href="../../contributing/process/" class="md-nav__link">
  1123. <span class="md-ellipsis">
  1124. Contributing Process
  1125. </span>
  1126. </a>
  1127. </li>
  1128. <li class="md-nav__item">
  1129. <a href="../../contributing/release/" class="md-nav__link">
  1130. <span class="md-ellipsis">
  1131. Release Process
  1132. </span>
  1133. </a>
  1134. </li>
  1135. <li class="md-nav__item">
  1136. <a href="../../contributing/coc/" class="md-nav__link">
  1137. <span class="md-ellipsis">
  1138. Code of Conduct
  1139. </span>
  1140. </a>
  1141. </li>
  1142. <li class="md-nav__item">
  1143. <a href="../../contributing/roadmap/" class="md-nav__link">
  1144. <span class="md-ellipsis">
  1145. Roadmap
  1146. </span>
  1147. </a>
  1148. </li>
  1149. </ul>
  1150. </nav>
  1151. </li>
  1152. <li class="md-nav__item md-nav__item--nested">
  1153. <input class="md-nav__toggle md-toggle md-toggle--indeterminate" type="checkbox" id="__nav_6_2" >
  1154. <label class="md-nav__link" for="__nav_6_2" id="__nav_6_2_label" tabindex="0">
  1155. <span class="md-ellipsis">
  1156. External Resources
  1157. </span>
  1158. <span class="md-nav__icon md-icon"></span>
  1159. </label>
  1160. <nav class="md-nav" data-md-level="2" aria-labelledby="__nav_6_2_label" aria-expanded="false">
  1161. <label class="md-nav__title" for="__nav_6_2">
  1162. <span class="md-nav__icon md-icon"></span>
  1163. External Resources
  1164. </label>
  1165. <ul class="md-nav__list" data-md-scrollfix>
  1166. <li class="md-nav__item">
  1167. <a href="../../eso-talks/" class="md-nav__link">
  1168. <span class="md-ellipsis">
  1169. Talks
  1170. </span>
  1171. </a>
  1172. </li>
  1173. <li class="md-nav__item">
  1174. <a href="../../eso-demos/" class="md-nav__link">
  1175. <span class="md-ellipsis">
  1176. Demos
  1177. </span>
  1178. </a>
  1179. </li>
  1180. <li class="md-nav__item">
  1181. <a href="../../eso-blogs/" class="md-nav__link">
  1182. <span class="md-ellipsis">
  1183. Blogs
  1184. </span>
  1185. </a>
  1186. </li>
  1187. <li class="md-nav__item">
  1188. <a href="../../eso-tools/" class="md-nav__link">
  1189. <span class="md-ellipsis">
  1190. Tools
  1191. </span>
  1192. </a>
  1193. </li>
  1194. </ul>
  1195. </nav>
  1196. </li>
  1197. </ul>
  1198. </nav>
  1199. </li>
  1200. </ul>
  1201. </nav>
  1202. </div>
  1203. </div>
  1204. </div>
  1205. <div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
  1206. <div class="md-sidebar__scrollwrap">
  1207. <div class="md-sidebar__inner">
  1208. <nav class="md-nav md-nav--secondary" aria-label="Table of contents">
  1209. <label class="md-nav__title" for="__toc">
  1210. <span class="md-nav__icon md-icon"></span>
  1211. Table of contents
  1212. </label>
  1213. <ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
  1214. <li class="md-nav__item">
  1215. <a href="#conjur-provider" class="md-nav__link">
  1216. <span class="md-ellipsis">
  1217. Conjur Provider
  1218. </span>
  1219. </a>
  1220. <nav class="md-nav" aria-label="Conjur Provider">
  1221. <ul class="md-nav__list">
  1222. <li class="md-nav__item">
  1223. <a href="#prerequisites" class="md-nav__link">
  1224. <span class="md-ellipsis">
  1225. Prerequisites
  1226. </span>
  1227. </a>
  1228. </li>
  1229. <li class="md-nav__item">
  1230. <a href="#conjur-server-certificate" class="md-nav__link">
  1231. <span class="md-ellipsis">
  1232. Conjur server certificate
  1233. </span>
  1234. </a>
  1235. </li>
  1236. <li class="md-nav__item">
  1237. <a href="#external-secret-store" class="md-nav__link">
  1238. <span class="md-ellipsis">
  1239. External secret store
  1240. </span>
  1241. </a>
  1242. <nav class="md-nav" aria-label="External secret store">
  1243. <ul class="md-nav__list">
  1244. <li class="md-nav__item">
  1245. <a href="#option-1-external-secret-store-with-apikey-authentication" class="md-nav__link">
  1246. <span class="md-ellipsis">
  1247. Option 1: External secret store with apiKey authentication
  1248. </span>
  1249. </a>
  1250. <nav class="md-nav" aria-label="Option 1: External secret store with apiKey authentication">
  1251. <ul class="md-nav__list">
  1252. <li class="md-nav__item">
  1253. <a href="#step-1-define-an-external-secret-store" class="md-nav__link">
  1254. <span class="md-ellipsis">
  1255. Step 1: Define an external secret store
  1256. </span>
  1257. </a>
  1258. </li>
  1259. <li class="md-nav__item">
  1260. <a href="#step-2-create-kubernetes-secrets-for-conjur-credentials" class="md-nav__link">
  1261. <span class="md-ellipsis">
  1262. Step 2: Create Kubernetes secrets for Conjur credentials
  1263. </span>
  1264. </a>
  1265. </li>
  1266. <li class="md-nav__item">
  1267. <a href="#step-3-create-the-external-secrets-store" class="md-nav__link">
  1268. <span class="md-ellipsis">
  1269. Step 3: Create the external secrets store
  1270. </span>
  1271. </a>
  1272. </li>
  1273. </ul>
  1274. </nav>
  1275. </li>
  1276. <li class="md-nav__item">
  1277. <a href="#option-2-external-secret-store-with-jwt-authentication" class="md-nav__link">
  1278. <span class="md-ellipsis">
  1279. Option 2: External secret store with JWT authentication
  1280. </span>
  1281. </a>
  1282. <nav class="md-nav" aria-label="Option 2: External secret store with JWT authentication">
  1283. <ul class="md-nav__list">
  1284. <li class="md-nav__item">
  1285. <a href="#step-1-define-an-external-secret-store_1" class="md-nav__link">
  1286. <span class="md-ellipsis">
  1287. Step 1: Define an external secret store
  1288. </span>
  1289. </a>
  1290. </li>
  1291. <li class="md-nav__item">
  1292. <a href="#step-2-create-the-external-secrets-store" class="md-nav__link">
  1293. <span class="md-ellipsis">
  1294. Step 2: Create the external secrets store
  1295. </span>
  1296. </a>
  1297. </li>
  1298. </ul>
  1299. </nav>
  1300. </li>
  1301. </ul>
  1302. </nav>
  1303. </li>
  1304. <li class="md-nav__item">
  1305. <a href="#define-an-external-secret" class="md-nav__link">
  1306. <span class="md-ellipsis">
  1307. Define an external secret
  1308. </span>
  1309. </a>
  1310. <nav class="md-nav" aria-label="Define an external secret">
  1311. <ul class="md-nav__list">
  1312. <li class="md-nav__item">
  1313. <a href="#find-by-name-and-find-by-tag" class="md-nav__link">
  1314. <span class="md-ellipsis">
  1315. Find by Name and Find by Tag
  1316. </span>
  1317. </a>
  1318. </li>
  1319. </ul>
  1320. </nav>
  1321. </li>
  1322. <li class="md-nav__item">
  1323. <a href="#create-the-external-secret" class="md-nav__link">
  1324. <span class="md-ellipsis">
  1325. Create the external secret
  1326. </span>
  1327. </a>
  1328. </li>
  1329. <li class="md-nav__item">
  1330. <a href="#get-the-k8s-secret" class="md-nav__link">
  1331. <span class="md-ellipsis">
  1332. Get the K8s secret
  1333. </span>
  1334. </a>
  1335. </li>
  1336. <li class="md-nav__item">
  1337. <a href="#see-also" class="md-nav__link">
  1338. <span class="md-ellipsis">
  1339. See also
  1340. </span>
  1341. </a>
  1342. </li>
  1343. <li class="md-nav__item">
  1344. <a href="#license" class="md-nav__link">
  1345. <span class="md-ellipsis">
  1346. License
  1347. </span>
  1348. </a>
  1349. </li>
  1350. </ul>
  1351. </nav>
  1352. </li>
  1353. </ul>
  1354. </nav>
  1355. </div>
  1356. </div>
  1357. </div>
  1358. <div class="md-content" data-md-component="content">
  1359. <article class="md-content__inner md-typeset">
  1360. <h1>CyberArk Conjur</h1>
  1361. <h2 id="conjur-provider">Conjur Provider</h2>
  1362. <p>This section describes how to set up the Conjur provider for External Secrets Operator (ESO). For a working example, see the <a href="https://github.com/conjurdemos/Accelerator-K8s-External-Secrets">Accelerator-K8s-External-Secrets repo</a>.</p>
  1363. <h3 id="prerequisites">Prerequisites</h3>
  1364. <p>Before installing the Conjur provider, you need:</p>
  1365. <ul>
  1366. <li>A running Conjur Server (<a href="https://github.com/cyberark/conjur">OSS</a>,
  1367. <a href="https://www.cyberark.com/products/secrets-manager-enterprise/">Enterprise</a>, or
  1368. <a href="https://www.cyberark.com/products/multi-cloud-secrets/">Cloud</a>), with:</li>
  1369. <li>An accessible Conjur endpoint (for example: <code>https://myapi.example.com</code>).</li>
  1370. <li>Your configured Conjur authentication info (such as <code>hostid</code>, <code>apikey</code>, or JWT service ID). For more information on configuring Conjur, see <a href="https://docs.cyberark.com/conjur-open-source/Latest/en/Content/Operations/Policy/policy-statement-ref.htm">Policy statement reference</a>.</li>
  1371. <li>Support for your authentication method (<code>apikey</code> is supported by default, <code>jwt</code> requires additional configuration).</li>
  1372. <li><strong>Optional</strong>: Conjur server certificate (see <a href="#conjur-server-certificate">below</a>).</li>
  1373. <li>A Kubernetes cluster with ESO installed.</li>
  1374. </ul>
  1375. <h3 id="conjur-server-certificate">Conjur server certificate</h3>
  1376. <p>If you set up your Conjur server with a self-signed certificate, we recommend that you populate the <code>caBundle</code> field with the Conjur self-signed certificate in the secret-store definition. The certificate CA must be referenced in the secret-store definition using either <code>caBundle</code> or <code>caProvider</code>:</p>
  1377. <div class="highlight"><pre><span></span><code><span class="l l-Scalar l-Scalar-Plain">....</span>
  1378. <span class="l l-Scalar l-Scalar-Plain">spec</span><span class="p p-Indicator">:</span>
  1379. <span class="w"> </span><span class="nt">provider</span><span class="p">:</span>
  1380. <span class="w"> </span><span class="nt">conjur</span><span class="p">:</span>
  1381. <span class="w"> </span><span class="c1"># Service URL</span>
  1382. <span class="w"> </span><span class="nt">url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">https://myapi.conjur.org</span>
  1383. <span class="w"> </span><span class="c1"># [OPTIONAL] base64 encoded string of certificate</span>
  1384. <span class="w"> </span><span class="nt">caBundle</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;&lt;base64</span><span class="nv"> </span><span class="s">encoded</span><span class="nv"> </span><span class="s">cabundle&gt;&quot;</span>
  1385. <span class="w"> </span><span class="c1"># [OPTIONAL] caProvider:</span>
  1386. <span class="w"> </span><span class="c1"># Instead of caBundle you can also specify a caProvider,</span>
  1387. <span class="w"> </span><span class="c1"># which retrieves the cert from a Secret or ConfigMap</span>
  1388. <span class="w"> </span><span class="nt">caProvider</span><span class="p">:</span>
  1389. <span class="w"> </span><span class="nt">type</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;Secret&quot;</span><span class="w"> </span><span class="c1"># Can be Secret or ConfigMap</span>
  1390. <span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;&lt;name</span><span class="nv"> </span><span class="s">of</span><span class="nv"> </span><span class="s">secret</span><span class="nv"> </span><span class="s">or</span><span class="nv"> </span><span class="s">configmap&gt;&quot;</span>
  1391. <span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;&lt;key</span><span class="nv"> </span><span class="s">inside</span><span class="nv"> </span><span class="s">secret</span><span class="nv"> </span><span class="s">or</span><span class="nv"> </span><span class="s">configmap&gt;&quot;</span>
  1392. <span class="w"> </span><span class="c1"># namespace is required for ClusterSecretStore</span>
  1393. <span class="w"> </span><span class="c1"># but not relevant for SecretStore</span>
  1394. <span class="w"> </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;my-cert-secret-namespace&quot;</span>
  1395. <span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">....</span>
  1396. </code></pre></div>
  1397. <h3 id="external-secret-store">External secret store</h3>
  1398. <p>The Conjur provider is configured as an external secret store in ESO. The Conjur provider supports these two methods to authenticate to Conjur:</p>
  1399. <ul>
  1400. <li><a href="#option-1-external-secret-store-with-apikey-authentication"><code>apikey</code></a>: uses a Conjur <code>hostid</code> and <code>apikey</code> to authenticate with Conjur</li>
  1401. <li><a href="#option-2-external-secret-store-with-jwt-authentication"><code>jwt</code></a>: uses a JWT to authenticate with Conjur</li>
  1402. </ul>
  1403. <h4 id="option-1-external-secret-store-with-apikey-authentication">Option 1: External secret store with apiKey authentication</h4>
  1404. <p>This method uses a Conjur <code>hostid</code> and <code>apikey</code> to authenticate with Conjur. It is the simplest method to set up and use because your Conjur instance requires no additional configuration.</p>
  1405. <h5 id="step-1-define-an-external-secret-store">Step 1: Define an external secret store</h5>
  1406. <div class="admonition tip">
  1407. <p class="admonition-title">Tip</p>
  1408. <p>Save as the file as: <code>conjur-secret-store.yaml</code></p>
  1409. </div>
  1410. <div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets.io/v1beta1</span>
  1411. <span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">SecretStore</span>
  1412. <span class="nt">metadata</span><span class="p">:</span>
  1413. <span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">conjur</span>
  1414. <span class="nt">spec</span><span class="p">:</span>
  1415. <span class="w"> </span><span class="nt">provider</span><span class="p">:</span>
  1416. <span class="w"> </span><span class="nt">conjur</span><span class="p">:</span>
  1417. <span class="w"> </span><span class="c1"># Service URL</span>
  1418. <span class="w"> </span><span class="nt">url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">https://myapi.conjur.org</span>
  1419. <span class="w"> </span><span class="c1"># [OPTIONAL] base64 encoded string of certificate</span>
  1420. <span class="w"> </span><span class="nt">caBundle</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">OPTIONALxFIELDxxxBase64xCertxString==</span><span class="w"> </span>
  1421. <span class="w"> </span><span class="nt">auth</span><span class="p">:</span>
  1422. <span class="w"> </span><span class="nt">apikey</span><span class="p">:</span>
  1423. <span class="w"> </span><span class="c1"># conjur account</span>
  1424. <span class="w"> </span><span class="nt">account</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">conjur</span>
  1425. <span class="w"> </span><span class="nt">userRef</span><span class="p">:</span><span class="w"> </span><span class="c1"># Get this from K8S secret</span>
  1426. <span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">conjur-creds</span>
  1427. <span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">hostid</span>
  1428. <span class="w"> </span><span class="nt">apiKeyRef</span><span class="p">:</span><span class="w"> </span><span class="c1"># Get this from K8S secret</span>
  1429. <span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">conjur-creds</span>
  1430. <span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">apikey</span>
  1431. </code></pre></div>
  1432. <h5 id="step-2-create-kubernetes-secrets-for-conjur-credentials">Step 2: Create Kubernetes secrets for Conjur credentials</h5>
  1433. <p>To connect to the Conjur server, the <strong>ESO Conjur provider</strong> needs to retrieve the <code>apikey</code> credentials from K8s secrets.</p>
  1434. <div class="admonition note">
  1435. <p class="admonition-title">Note</p>
  1436. <p>For more information about how to create K8s secrets, see <a href="https://kubernetes.io/docs/concepts/configuration/secret/#creating-a-secret">Creating a secret</a>.</p>
  1437. </div>
  1438. <p>Here is an example of how to create K8s secrets using the <code>kubectl</code> command:</p>
  1439. <div class="highlight"><pre><span></span><code><span class="c1"># This is all one line</span>
  1440. kubectl<span class="w"> </span>-n<span class="w"> </span>external-secrets<span class="w"> </span>create<span class="w"> </span>secret<span class="w"> </span>generic<span class="w"> </span>conjur-creds<span class="w"> </span>--from-literal<span class="o">=</span><span class="nv">hostid</span><span class="o">=</span>MYCONJURHOSTID<span class="w"> </span>--from-literal<span class="o">=</span><span class="nv">apikey</span><span class="o">=</span>MYAPIKEY
  1441. <span class="c1"># Example:</span>
  1442. <span class="c1"># kubectl -n external-secrets create secret generic conjur-creds --from-literal=hostid=host/data/app1/host001 --from-literal=apikey=321blahblah</span>
  1443. </code></pre></div>
  1444. <div class="admonition note">
  1445. <p class="admonition-title">Note</p>
  1446. <p><code>conjur-creds</code> is the <code>name</code> defined in the <code>userRef</code> and <code>apikeyRef</code> fields of the <code>conjur-secret-store.yml</code> file.</p>
  1447. </div>
  1448. <h5 id="step-3-create-the-external-secrets-store">Step 3: Create the external secrets store</h5>
  1449. <div class="admonition important">
  1450. <p class="admonition-title">Important</p>
  1451. <p>Unless you are using a <a href="../../api/clustersecretstore/">ClusterSecretStore</a>, credentials must reside in the same namespace as the SecretStore.</p>
  1452. </div>
  1453. <div class="highlight"><pre><span></span><code><span class="c1"># WARNING: creates the store in the &quot;external-secrets&quot; namespace, update the value as needed</span>
  1454. <span class="c1">#</span>
  1455. kubectl<span class="w"> </span>apply<span class="w"> </span>-n<span class="w"> </span>external-secrets<span class="w"> </span>-f<span class="w"> </span>conjur-secret-store.yaml
  1456. <span class="c1"># WARNING: running the delete command will delete the secret store configuration</span>
  1457. <span class="c1">#</span>
  1458. <span class="c1"># If there is a need to delete the external secretstore</span>
  1459. <span class="c1"># kubectl delete secretstore -n external-secrets conjur</span>
  1460. </code></pre></div>
  1461. <h4 id="option-2-external-secret-store-with-jwt-authentication">Option 2: External secret store with JWT authentication</h4>
  1462. <p>This method uses JWT tokens to authenticate with Conjur. You can use the following methods to retrieve a JWT token for authentication:</p>
  1463. <ul>
  1464. <li>JWT token from a referenced Kubernetes service account</li>
  1465. <li>JWT token stored in a Kubernetes secret</li>
  1466. </ul>
  1467. <h5 id="step-1-define-an-external-secret-store_1">Step 1: Define an external secret store</h5>
  1468. <p>When you use JWT authentication, the following must be specified in the <code>SecretStore</code>:</p>
  1469. <ul>
  1470. <li><code>account</code> - The name of the Conjur account</li>
  1471. <li><code>serviceId</code> - The ID of the JWT Authenticator <code>WebService</code> configured in Conjur that is used to authenticate the JWT token</li>
  1472. </ul>
  1473. <p>You can retrieve the JWT token from either a referenced service account or a Kubernetes secret.</p>
  1474. <p>For example, to retrieve a JWT token from a referenced Kubernetes service account, the following secret store definition can be used:</p>
  1475. <div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets.io/v1beta1</span>
  1476. <span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">SecretStore</span>
  1477. <span class="nt">metadata</span><span class="p">:</span>
  1478. <span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">conjur</span>
  1479. <span class="nt">spec</span><span class="p">:</span>
  1480. <span class="w"> </span><span class="nt">provider</span><span class="p">:</span>
  1481. <span class="w"> </span><span class="nt">conjur</span><span class="p">:</span>
  1482. <span class="w"> </span><span class="c1"># Service URL</span>
  1483. <span class="w"> </span><span class="nt">url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">https://myapi.conjur.org</span>
  1484. <span class="w"> </span><span class="c1"># [OPTIONAL] base64 encoded string of certificate</span>
  1485. <span class="w"> </span><span class="nt">caBundle</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">OPTIONALxFIELDxxxBase64xCertxString==</span>
  1486. <span class="w"> </span><span class="nt">auth</span><span class="p">:</span>
  1487. <span class="w"> </span><span class="nt">jwt</span><span class="p">:</span>
  1488. <span class="w"> </span><span class="c1"># conjur account</span>
  1489. <span class="w"> </span><span class="nt">account</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">conjur</span>
  1490. <span class="w"> </span><span class="c1"># The authn-jwt service ID</span>
  1491. <span class="w"> </span><span class="nt">serviceID</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-jwt-auth-service</span>
  1492. <span class="w"> </span><span class="c1"># Service account to retrieve JWT token for</span>
  1493. <span class="w"> </span><span class="nt">serviceAccountRef</span><span class="p">:</span>
  1494. <span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-service-account</span>
  1495. <span class="w"> </span><span class="c1"># [OPTIONAL] audiences to include in JWT token</span>
  1496. <span class="w"> </span><span class="nt">audiences</span><span class="p">:</span>
  1497. <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">https://conjur.company.com</span>
  1498. </code></pre></div>
  1499. <div class="admonition important">
  1500. <p class="admonition-title">Important</p>
  1501. <p>This method is only supported in Kubernetes 1.22 and above as it uses the <a href="https://kubernetes.io/docs/reference/kubernetes-api/authentication-resources/token-request-v1/">TokenRequest API</a> to get the JWT token from the referenced service account. Audiences can be defined in the <a href="https://docs.conjur.org/Latest/en/Content/Integrations/k8s-ocp/k8s-jwt-authn.htm">Conjur JWT authenticator</a>.</p>
  1502. </div>
  1503. <p>Alternatively, here is an example where a secret containing a valid JWT token is referenced:</p>
  1504. <div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets.io/v1beta1</span>
  1505. <span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">SecretStore</span>
  1506. <span class="nt">metadata</span><span class="p">:</span>
  1507. <span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">conjur</span>
  1508. <span class="nt">spec</span><span class="p">:</span>
  1509. <span class="w"> </span><span class="nt">provider</span><span class="p">:</span>
  1510. <span class="w"> </span><span class="nt">conjur</span><span class="p">:</span>
  1511. <span class="w"> </span><span class="c1"># Service URL</span>
  1512. <span class="w"> </span><span class="nt">url</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">https://myapi.conjur.org</span>
  1513. <span class="w"> </span><span class="c1"># [OPTIONAL] base64 encoded string of certificate</span>
  1514. <span class="w"> </span><span class="nt">caBundle</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">OPTIONALxFIELDxxxBase64xCertxString==</span>
  1515. <span class="w"> </span><span class="nt">auth</span><span class="p">:</span>
  1516. <span class="w"> </span><span class="nt">jwt</span><span class="p">:</span>
  1517. <span class="w"> </span><span class="c1"># conjur account</span>
  1518. <span class="w"> </span><span class="nt">account</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">conjur</span>
  1519. <span class="w"> </span><span class="c1"># The authn-jwt service ID</span>
  1520. <span class="w"> </span><span class="nt">serviceID</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-jwt-auth-service</span>
  1521. <span class="w"> </span><span class="c1"># Secret containing a valid JWT token</span>
  1522. <span class="w"> </span><span class="nt">secretRef</span><span class="p">:</span>
  1523. <span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-jwt-secret</span>
  1524. <span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">token</span>
  1525. </code></pre></div>
  1526. <p>The JWT token must identify your Conjur host, be compatible with your configured Conjur JWT authenticator, and meet all the <a href="https://docs.conjur.org/Latest/en/Content/Operations/Services/cjr-authn-jwt-guidelines.htm#Best">Conjur JWT guidelines</a>.</p>
  1527. <p>You can use an external JWT issuer or the Kubernetes API server to create the token. For example, a Kubernetes service account token can be created with this command:</p>
  1528. <div class="highlight"><pre><span></span><code>kubectl<span class="w"> </span>create<span class="w"> </span>token<span class="w"> </span>my-service-account<span class="w"> </span>--audience<span class="o">=</span><span class="s1">&#39;https://conjur.company.com&#39;</span><span class="w"> </span>--duration<span class="o">=</span>3600s
  1529. </code></pre></div>
  1530. <p>Save the secret store file as <code>conjur-secret-store.yaml</code>.</p>
  1531. <h5 id="step-2-create-the-external-secrets-store">Step 2: Create the external secrets store</h5>
  1532. <div class="highlight"><pre><span></span><code><span class="c1"># WARNING: creates the store in the &quot;external-secrets&quot; namespace, update the value as needed</span>
  1533. <span class="c1">#</span>
  1534. kubectl<span class="w"> </span>apply<span class="w"> </span>-n<span class="w"> </span>external-secrets<span class="w"> </span>-f<span class="w"> </span>conjur-secret-store.yaml
  1535. <span class="c1"># WARNING: running the delete command will delete the secret store configuration</span>
  1536. <span class="c1">#</span>
  1537. <span class="c1"># If there is a need to delete the external secretstore</span>
  1538. <span class="c1"># kubectl delete secretstore -n external-secrets conjur</span>
  1539. </code></pre></div>
  1540. <h3 id="define-an-external-secret">Define an external secret</h3>
  1541. <p>After you have configured the Conjur provider secret store, you can fetch secrets from Conjur.</p>
  1542. <p>Here is an example of how to fetch a single secret from Conjur:</p>
  1543. <div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets.io/v1beta1</span>
  1544. <span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ExternalSecret</span>
  1545. <span class="nt">metadata</span><span class="p">:</span>
  1546. <span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">conjur</span>
  1547. <span class="nt">spec</span><span class="p">:</span>
  1548. <span class="w"> </span><span class="nt">refreshInterval</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10s</span>
  1549. <span class="w"> </span><span class="nt">secretStoreRef</span><span class="p">:</span>
  1550. <span class="w"> </span><span class="c1"># This name must match the metadata.name in the `SecretStore`</span>
  1551. <span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">conjur</span>
  1552. <span class="w"> </span><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">SecretStore</span>
  1553. <span class="w"> </span><span class="nt">data</span><span class="p">:</span>
  1554. <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">secretKey</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">secret00</span>
  1555. <span class="w"> </span><span class="nt">remoteRef</span><span class="p">:</span>
  1556. <span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">data/app1/secret00</span>
  1557. </code></pre></div>
  1558. <p>Save the external secret file as <code>conjur-external-secret.yaml</code>.</p>
  1559. <h4 id="find-by-name-and-find-by-tag">Find by Name and Find by Tag</h4>
  1560. <p>The Conjur provider also supports the Find by Name and Find by Tag ESO features. This means that
  1561. you can use a regular expression or tags to dynamically fetch multiple secrets from Conjur.</p>
  1562. <div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets.io/v1beta1</span>
  1563. <span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ExternalSecret</span>
  1564. <span class="nt">metadata</span><span class="p">:</span>
  1565. <span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">conjur-find-by-name</span>
  1566. <span class="nt">spec</span><span class="p">:</span>
  1567. <span class="w"> </span><span class="nt">refreshInterval</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10s</span>
  1568. <span class="w"> </span><span class="nt">secretStoreRef</span><span class="p">:</span>
  1569. <span class="w"> </span><span class="c1"># This name must match the metadata.name in the `SecretStore`</span>
  1570. <span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">conjur</span>
  1571. <span class="w"> </span><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">SecretStore</span>
  1572. <span class="w"> </span><span class="nt">target</span><span class="p">:</span>
  1573. <span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">k8s-secret-to-be-created</span>
  1574. <span class="w"> </span><span class="nt">dataFrom</span><span class="p">:</span>
  1575. <span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">find</span><span class="p">:</span>
  1576. <span class="w"> </span><span class="c1"># You can use *either* `name` or `tags` to filter the secrets. Here are basic examples of both:</span>
  1577. <span class="w"> </span><span class="nt">name</span><span class="p">:</span>
  1578. <span class="w"> </span><span class="c1"># Match all secrets in the app1 namespace (e.g., `app1/secret00`, `app1/secret01`, etc.)</span>
  1579. <span class="w"> </span><span class="nt">regexp</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;^app1</span><span class="err">\</span><span class="s">/.+$&quot;</span>
  1580. <span class="w"> </span><span class="nt">tags</span><span class="p">:</span>
  1581. <span class="w"> </span><span class="c1"># Only fetch Conjur secrets with the following annotations</span>
  1582. <span class="w"> </span><span class="nt">environment</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;prod&quot;</span>
  1583. <span class="w"> </span><span class="nt">application</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;app1&quot;</span>
  1584. </code></pre></div>
  1585. <p>If you use these features, we strongly recommend that you limit the permissions of the Conjur host
  1586. to only the secrets that it needs to access. This is more secure and it reduces the load on
  1587. both the Conjur server and ESO.</p>
  1588. <h3 id="create-the-external-secret">Create the external secret</h3>
  1589. <div class="highlight"><pre><span></span><code><span class="c1"># WARNING: creates the external-secret in the &quot;external-secrets&quot; namespace, update the value as needed</span>
  1590. <span class="c1">#</span>
  1591. kubectl<span class="w"> </span>apply<span class="w"> </span>-n<span class="w"> </span>external-secrets<span class="w"> </span>-f<span class="w"> </span>conjur-external-secret.yaml
  1592. <span class="c1"># WARNING: running the delete command will delete the external-secrets configuration</span>
  1593. <span class="c1">#</span>
  1594. <span class="c1"># If there is a need to delete the external secret</span>
  1595. <span class="c1"># kubectl delete externalsecret -n external-secrets conjur</span>
  1596. </code></pre></div>
  1597. <h3 id="get-the-k8s-secret">Get the K8s secret</h3>
  1598. <ul>
  1599. <li>Log in to your Conjur server and verify that your secret exists</li>
  1600. <li>Review the value of your Kubernetes secret to verify that it contains the same value as the Conjur server</li>
  1601. </ul>
  1602. <div class="highlight"><pre><span></span><code><span class="c1"># WARNING: this command will reveal the stored secret in plain text</span>
  1603. <span class="c1">#</span>
  1604. <span class="c1"># Assuming the secret name is &quot;secret00&quot;, this will show the value</span>
  1605. kubectl<span class="w"> </span>get<span class="w"> </span>secret<span class="w"> </span>-n<span class="w"> </span>external-secrets<span class="w"> </span>conjur<span class="w"> </span>-o<span class="w"> </span><span class="nv">jsonpath</span><span class="o">=</span><span class="s2">&quot;{.data.secret00}&quot;</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>base64<span class="w"> </span>--decode<span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="nb">echo</span>
  1606. </code></pre></div>
  1607. <h3 id="see-also">See also</h3>
  1608. <ul>
  1609. <li><a href="https://github.com/conjurdemos/Accelerator-K8s-External-Secrets">Accelerator-K8s-External-Secrets repo</a></li>
  1610. <li><a href="https://docs.cyberark.com/conjur-open-source/Latest/en/Content/Operations/Services/cjr-authn-jwt-guidelines.htm">Configure Conjur JWT authentication</a></li>
  1611. </ul>
  1612. <h3 id="license">License</h3>
  1613. <p>Copyright (c) 2023-2024 CyberArk Software Ltd. All rights reserved.</p>
  1614. <p>Licensed under the Apache License, Version 2.0 (the "License");
  1615. you may not use this file except in compliance with the License.
  1616. You may obtain a copy of the License at</p>
  1617. <p><a href="http://www.apache.org/licenses/LICENSE-2.0">http://www.apache.org/licenses/LICENSE-2.0</a></p>
  1618. <p>Unless required by applicable law or agreed to in writing, software
  1619. distributed under the License is distributed on an "AS IS" BASIS,
  1620. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  1621. See the License for the specific language governing permissions and
  1622. limitations under the License.</p>
  1623. </article>
  1624. </div>
  1625. <script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script>
  1626. </div>
  1627. </main>
  1628. <img referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=6658a9eb-067d-49f1-94f2-b8b00f21451e" />
  1629. <footer class="md-footer">
  1630. <div class="md-footer-meta md-typeset">
  1631. <div class="md-footer-meta__inner md-grid">
  1632. <div class="md-copyright">
  1633. <div class="md-copyright__highlight">
  1634. &copy; 2024 The external-secrets Authors.<br/>
  1635. &copy; 2024 The Linux Foundation. All rights reserved.<br/><br/>
  1636. The Linux Foundation has registered trademarks and uses trademarks.<br/>
  1637. For a list of trademarks of The Linux Foundation, please see our <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage page</a>.
  1638. </div>
  1639. Made with
  1640. <a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
  1641. Material for MkDocs
  1642. </a>
  1643. </div>
  1644. </div>
  1645. </div>
  1646. </footer>
  1647. </div>
  1648. <div class="md-dialog" data-md-component="dialog">
  1649. <div class="md-dialog__inner md-typeset"></div>
  1650. </div>
  1651. <script id="__config" type="application/json">{"base": "../..", "features": ["navigation.tabs", "navigation.indexes", "navigation.expand"], "search": "../../assets/javascripts/workers/search.6ce7567c.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}, "version": {"provider": "mike"}}</script>
  1652. <script src="../../assets/javascripts/bundle.83f73b43.min.js"></script>
  1653. </body>
  1654. </html>