Mark Brookfield virtualhobbit

## vault.yaml
apiVersion: v1
kind: Namespace
metadata:
  name: vault
  labels:
    pod-security.kubernetes.io/enforce: "privileged"

## iam_policy_cert-manager.json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "route53:GetChange",
      "Resource": "arn:aws:route53:::change/*"
    },
    {
      "Effect": "Allow",

## test2.js
var response = pm.response.json();
pm.environment.set("access_token", response.token);

## test1.js
var response = pm.response.json();
pm.environment.set("refresh_token", response.refresh_token);

## nginx-test.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: deployment-nginx
  labels:
    app: nginx
  namespace: nginx-test
spec:
  selector:
    matchLabels:

## install-ako-for-all.yaml
apiVersion: networking.tkg.tanzu.vmware.com/v1alpha1
kind: AKODeploymentConfig
metadata:
  name: install-ako-for-all
spec:
  extraConfigs:
    ingress:
      defaultIngressController: true
      disableIngressClass: false

## ako.txt
apiVersion: v1
data:
  apiServerPort: "8080"
  autoFQDN: disabled
  cloudName: HobbitCloud - vSphere - Utrecht
  clusterName: default-tkg-wkl-prod
  cniPlugin: antrea
  controllerIP: nl-utc-p-alb-01.mdb-lab.com
  controllerVersion: 20.1.3
  defaultIngController: "false"

## cert-nginx-test.yaml
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: nginx-test-tkg-mdb-lab-com
  namespace: nginx-test
spec:
  secretName: nginx-test-tkg-mdb-lab-com
  issuerRef:
    name: vault-cluster-issuer
    kind: ClusterIssuer

## acl_sa_cert-manager.hcl
path "pki/sign/mdb-lab-dot-com" {
  capabilities = ["create", "update"]
}

## vault-issuer.yaml
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: vault-cluster-issuer
spec:
  vault:
    path: pki/sign/<insert PKI issuer here>
    server: https://<insert Vault server here>:8200
    caBundle: <base64 encoded caBundle PEM file>
    auth:
	apiVersion: v1
	kind: Namespace
	metadata:
	name: vault
	labels:
	pod-security.kubernetes.io/enforce: "privileged"
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Effect": "Allow",
	"Action": "route53:GetChange",
	"Resource": "arn:aws:route53:::change/*"
	},
	{
	"Effect": "Allow",
	var response = pm.response.json();
	pm.environment.set("access_token", response.token);
	var response = pm.response.json();
	pm.environment.set("refresh_token", response.refresh_token);
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: deployment-nginx
	labels:
	app: nginx
	namespace: nginx-test
	spec:
	selector:
	matchLabels:
	apiVersion: networking.tkg.tanzu.vmware.com/v1alpha1
	kind: AKODeploymentConfig
	metadata:
	name: install-ako-for-all
	spec:
	extraConfigs:
	ingress:
	defaultIngressController: true
	disableIngressClass: false
	apiVersion: v1
	data:
	apiServerPort: "8080"
	autoFQDN: disabled
	cloudName: HobbitCloud - vSphere - Utrecht
	clusterName: default-tkg-wkl-prod
	cniPlugin: antrea
	controllerIP: nl-utc-p-alb-01.mdb-lab.com
	controllerVersion: 20.1.3
	defaultIngController: "false"
	apiVersion: cert-manager.io/v1
	kind: Certificate
	metadata:
	name: nginx-test-tkg-mdb-lab-com
	namespace: nginx-test
	spec:
	secretName: nginx-test-tkg-mdb-lab-com
	issuerRef:
	name: vault-cluster-issuer
	kind: ClusterIssuer
	path "pki/sign/mdb-lab-dot-com" {
	capabilities = ["create", "update"]
	}