Supported Secret Types

KEYVALUE

The KEYVALUE-Type is made for synchronising Secrets stored in a KV Secret Engine with Kubernetes Secrets. For more details please see: KEYVALUE

KEYVALUE2

The KEYVALUEV2-Type is made for synchronising Secrets stored in the new KV2 Secret Engine with Kubernetes Secrets. For more details please see: KEYVALUE2

PKI

The PKI-Type works in combination with a HashiCorp Vault PKI Secret Engine and requests new certificates if the old ones are expired. For more details please see: PKI

PKIJKS

The PKIJKS-Type is the same as the PKI-Type, but in this case a Java Key Store is generated and saved as secret. For more details please see: PKIJKS

CERT

The CERT-Type is for saved TLS Certificates in a specific format in a simple KV Secret Engine. It can be used to hold Kubernetes Ingress Certificates up to date. E.g. The certificate changes after a specific time, then no change has to be made, only the certificate must be overwritten. For more details please see: CERT

CERTJKS

The CERTJKS-Type is the same as the CERT-Type, but in this case a Java Key Store is generated and saved as secret. For more details please see: CERTJKS

DOCKERCFG

The DOCKERCFG-Type is made to share Docker Pull Secrets with Kubernetes by saving it in a specific format in the KV Secret Engine of Vault. For more details please see: DOCKERCFG

PROPERTIES

The PROPERTIES-Type is for rendering property-files based on secrets stored in HashiCorp Vault in the mountpoints for kv-1 or kv-2. For more details please see: PROPERTIES