Secret Type - KEYVALUE

The KEYVALUE-Type is made for synchronising Secrets stored in a KV Secret Engine with Kubernetes Secrets.

It only supports simple Key-Value pairs and not nested Values.

How To

First write some secrets to HashiCorp Vault:

$ vault write secret/test-secret key=value key1=value1

After this create the following Vault-Resource and apply it to Kubernetes:

apiVersion: ""
kind: Vault
  name: test-secret
  type: "KEYVALUE"
  path: "secret/test-secret"

Now you should see, that new Secret and the Vault resource are available:

$ kubectl get vault test-secret
NAME             AGE
test-secret      7d
$ kubectl get secret test-secret
NAME                                   TYPE                                  DATA      AGE
test-secret                            Opaque                                2         7d

Change Adjustment Callback

For more details please see Change Detection!

Last updated