41 lines
No EOL
1.2 KiB
HCL
41 lines
No EOL
1.2 KiB
HCL
resource "kubernetes_secret" "vault_password" {
|
|
depends_on = [helm_release.external_secrets_operator_chart]
|
|
metadata {
|
|
name = "stackit-secretsmanager-user-password"
|
|
namespace = kubernetes_namespace.external_secrets.metadata.0.name
|
|
}
|
|
data = {
|
|
username = stackit_secretsmanager_user.user.username
|
|
password = stackit_secretsmanager_user.user.password
|
|
}
|
|
}
|
|
|
|
resource "kubernetes_manifest" "stackit_secrets_store" {
|
|
manifest = {
|
|
apiVersion = "external-secrets.io/v1"
|
|
kind = "ClusterSecretStore"
|
|
metadata = {
|
|
name = "stackit-secrets-store"
|
|
}
|
|
spec = {
|
|
provider = {
|
|
vault = {
|
|
server = "https://prod.sm.eu01.stackit.cloud"
|
|
path = stackit_secretsmanager_instance.instance.instance_id
|
|
version = "v2"
|
|
auth = {
|
|
userPass = {
|
|
path = "userpass"
|
|
username = stackit_secretsmanager_user.user.username
|
|
secretRef = {
|
|
namespace = kubernetes_secret.vault_password.metadata.0.namespace
|
|
name = kubernetes_secret.vault_password.metadata.0.name
|
|
key = "password"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
} |