Skip to content

Instantly share code, notes, and snippets.

@k4kratik
Last active October 19, 2023 10:10
Show Gist options
  • Save k4kratik/9b8583d155423490cee0cd823d017da2 to your computer and use it in GitHub Desktop.
Save k4kratik/9b8583d155423490cee0cd823d017da2 to your computer and use it in GitHub Desktop.
secret-store.yaml
apiVersion: external-secrets.io/v1beta1
kind: ClusterSecretStore
metadata:
name: vault-secret-store
spec:
provider:
vault:
server: "https://vault.vault-operator:8200"
# adding this to verify CA, as we are using self-signed certificates.
caProvider:
name: vault-tls
namespace: vault-operator
type: Secret
key: ca.crt
path: "secret" #! Path for your secret engine in Vault.
version: "v2"
auth:
kubernetes:
mountPath: "k8s-one" #! name of the kubernetes auth
role: "k8s-one-external-secrets-role" #! role for kubernetes auth
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment