
Integrates AWS Secrets Manager in a Kubernetes Cluster with External Secrets Operator


osvaldot/k8s-sm-eso


Integrate external secret management systems in Kubernetes

How to manage Kubernetes secrets with AWS Secrets Manager as the single source of truth, using External Secrets Operator on AWS Elastic Kubernetes Service.

Note: this project is NOT production-ready code. It is sample code used in the SparkFabrik tech blog post "Integrate external secrets management systems in Kubernetes".

Prerequisites

Before we start, let's make sure we meet these requirements:

  • An AWS account and an IAM user with administrator permissions
  • Docker installed and running on your local machine
  • A basic knowledge of Terraform

Copy env.template to a .env file, fill in AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY with your IAM user credentials, then set AWS_DEFAULT_REGION.

Build cli docker image

$ make build-cli

Build

$ make cli

$ terraform init

$ terraform validate

$ terraform plan

$ terraform apply

kubectl configuration

Inside the cli

$ aws eks update-kubeconfig --region REGION --name CLUSTER_NAME

Tips

Force secret update

$ kubectl annotate es externalsecret-example -n example force-sync=$(date +%s) --overwrite

Verify secrets

$ kubectl get secret example-secret -n example -o jsonpath='{.data}'

$ echo 'MTIzNDU2' | base64 -d
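The two verification commands above decode one value by hand. The helper below is an added example, not part of this repository: it decodes every key of the `.data` map in one pass. It assumes kubectl prints `.data` as a JSON object; the function name and the sample keys and values are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the repository): decode all keys of a Secret's .data.
# Intended use:
#   kubectl get secret example-secret -n example -o jsonpath='{.data}' | decode_secret_data
#
# Kubernetes Secret keys are limited to [-._a-zA-Z0-9] and values are base64,
# so neither can contain quotes, commas or colons. That makes the simple
# split below safe for this specific input, without a JSON parser.

decode_secret_data() {
  local key value plain
  # Strip JSON punctuation, then put one "key:value" pair per line.
  tr -d '{}" \n' | tr ',' '\n' |
  while IFS=: read -r key value || [ -n "$key" ]; do
    [ -n "$key" ] || continue
    # Report values that are not valid base64 instead of printing garbage.
    if ! plain=$(printf '%s' "$value" | base64 -d 2>/dev/null); then
      printf '%s=<invalid base64>\n' "$key"
      continue
    fi
    printf '%s=%s\n' "$key" "$plain"
  done
}

# Constructed sample input, shaped like the jsonpath output for a two-key secret.
SAMPLE_DATA='{"password":"MTIzNDU2","username":"YWRtaW4="}'
printf '%s' "$SAMPLE_DATA" | decode_secret_data
```

The output contains plaintext secret values, so run it only in a terminal whose scrollback and logs you control.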
