Layer7 API Management

  • Private Community
 View Only

 External Secrets operator

Jump to  Best Answer
Alexander van den Brink's profile image
Alexander van den Brink posted Jul 17, 2024 04:21 AM

Hi,

Reading through the documentation for externalsecrets it's possible to create stored passwords using Kubernetes secrets, though the way I understand how it's implemented you are required to create a kubernetes secret for every stored password you want available in the gateway, is there a way to have just one secret that contains all the stored passwords to be used in the gateway?

Kind regards,

Alexander

Gary Vermeulen's profile image
Broadcom Employee Gary Vermeulen posted Jul 17, 2024 06:31 PM  Best Answer

Hi Alexander,

Yes, you can have Kubernetes secrets that contain multiple keys. It is not a 1:1 mapping. 

The top level settings will apply to all keys in a secret.

Example - Kubernetes Secret (mysupersecrets)

username: username

password: password

    externalSecrets:
      - name: mysupersecrets
        enabled: true
        description: top secret
        variableReferencable: true
        encryption:
          passphrase: 7layer
          existingSecret: ""
          key: ""

Let me know if this does not work as expected

Kind regards,

Gary Vermeulen.