Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Tree: dda7b4c168
Branches Tags
helm-externa...
/
docs
/
snippets
/
generator-sts.yaml

generator-sts.yaml 923 B
History Raw

123456789101112131415161718192021222324252627282930313233 
  1. apiVersion: generators.external-secrets.io/v1alpha1
    2. 

  2. kind: STSSessionToken
    3. 

  3. metadata:
    4. 

  4.   name: sts-gen
    5. 

  5. spec:
    6. 

  6. 

  7.   # specify aws region (mandatory)
    8. 

  8.   region: eu-west-1
    9. 

  9. 

  10.   # assume role with the given authentication credentials
    11. 

  11.   role: "my-role"
    12. 

  12. 

  13.   # choose an authentication strategy
    14. 

  14.   # if no auth strategy is defined it falls back to using
    15. 

  15.   # credentials from the environment of the controller.
    16. 

  16.   auth:
    17. 

  17. 

  18.     # static credentials:
    19. 

  19.     # point to a secret that contains static credentials
    20. 

  20.     # like AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY
    21. 

  21.     secretRef:
    22. 

  22.       accessKeyIDSecretRef:
    23. 

  23.         name: "my-aws-creds"
    24. 

  24.         key: "key-id"
    25. 

  25.       secretAccessKeySecretRef:
    26. 

  26.         name: "my-aws-creds"
    27. 

  27.         key: "access-secret"
    28. 

  28. 

  29.   # optional request parameters for further fine-tuning the Token generation.
    30. 

  30.   requestParameters:
    31. 

  31.     serialNumber: arn:aws:iam::123456789012:mfa/user
    32. 

  32.     sessionDuration: 900
    33. 

  33.     tokenCode: "123456"
    34.