External Secrets Operator
Definition
The External Secrets Operator is a Kubernetes operator that integrates external secret management systems, such as AWS Secrets Manager, HashiCorp Vault, or Azure Key Vault, with Kubernetes. It allows Kubernetes applications to securely consume secrets stored outside the cluster by syncing them into Kubernetes secrets, ensuring that sensitive information is managed according to best practices and compliance requirements.
Secure Settings Example
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: my-secret
spec:
  # Re-read the value from the external store every hour.
  refreshInterval: 1h
  secretStoreRef:
    name: my-secret-store
    kind: SecretStore
  target:
    name: my-k8s-secret
    # Owner: the operator creates the Kubernetes Secret and owns it.
    creationPolicy: Owner
  data:
    # Each key selects a single property of the remote secret.
    - secretKey: username
      remoteRef:
        key: /path/to/secret
        property: username
    - secretKey: password
      remoteRef:
        key: /path/to/secret
        property: password
Insecure Settings Example
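apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: my-secret
spec:
  # A rotated or revoked value can stay in the cluster for up to a day.
  refreshInterval: 24h
  secretStoreRef:
    name: my-secret-store
    kind: SecretStore
  target:
    name: my-k8s-secret
    # Merge: the operator does not create or own the Secret; it merges
    # keys into a Secret that already exists.
    creationPolicy: Merge
  data:
    # No property: the whole remote secret value is stored under each key.
    - secretKey: username
      remoteRef:
        key: /path/to/secret
    - secretKey: password
      remoteRef:
        key: /path/to/secret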
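Audit Example
The check below is an added example, not code from the External Secrets Operator project: it flags the three settings that differ between the two manifests above (refreshInterval, creationPolicy, and a remoteRef without property). The function names and the 1h ceiling are assumptions taken from the secure example, and the input is the insecure manifest re-typed as JSON, the form `kubectl get externalsecret -o json` returns.

```python
import json
import re

MAX_REFRESH_SECONDS = 3600  # assumption: the secure example's 1h is the ceiling
_UNITS = {"h": 3600, "m": 60, "s": 1}

# Constructed sample: the insecure manifest from this page, as JSON.
INSECURE_JSON = """{"apiVersion": "external-secrets.io/v1beta1",
 "kind": "ExternalSecret", "metadata": {"name": "my-secret"},
 "spec": {"refreshInterval": "24h",
  "secretStoreRef": {"name": "my-secret-store", "kind": "SecretStore"},
  "target": {"name": "my-k8s-secret", "creationPolicy": "Merge"},
  "data": [
   {"secretKey": "username", "remoteRef": {"key": "/path/to/secret"}},
   {"secretKey": "password", "remoteRef": {"key": "/path/to/secret"}}]}}"""

def duration_seconds(text):
    """Convert a Go-style duration ('1h', '90m', '1h30m', '0') to seconds."""
    if text == "0":
        return 0
    parts = re.findall(r"(\d+)([hms])", text)
    if not parts or "".join(n + u for n, u in parts) != text:
        raise ValueError(f"unsupported duration: {text!r}")
    return sum(int(n) * _UNITS[u] for n, u in parts)

def audit_external_secret(manifest):
    """Return a list of findings for one parsed ExternalSecret manifest."""
    spec = manifest.get("spec", {})
    findings = []
    refresh = str(spec.get("refreshInterval", "1h"))  # operator default is 1h
    seconds = duration_seconds(refresh)
    if seconds == 0:
        findings.append("refreshInterval 0: fetched once, never refreshed")
    elif seconds > MAX_REFRESH_SECONDS:
        findings.append(f"refreshInterval {refresh} is longer than 1h")
    # creationPolicy defaults to Owner when the field is omitted.
    policy = spec.get("target", {}).get("creationPolicy", "Owner")
    if policy != "Owner":
        findings.append(f"creationPolicy {policy}: operator does not own the Secret")
    for item in spec.get("data", []):
        if "property" not in item.get("remoteRef", {}):
            findings.append(f"{item.get('secretKey')}: remoteRef has no property")
    return findings

if __name__ == "__main__":
    for finding in audit_external_secret(json.loads(INSECURE_JSON)):
        print("FINDING:", finding)
```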