Initial FlexVol Setup
This commit is the first part of consuming secrets from the Azure Key Vault. This will set up the required services to consume Azure's RBAC controls in the cluster, an identity to read the secrets, and the tool (FlexVol) to mount the secrets.
This commit is contained in:
tomdds
19
deploy/azure/aadpodidentity.yml
Normal file
19
deploy/azure/aadpodidentity.yml
Normal file
@@ -0,0 +1,19 @@
|
||||
---
|
||||
apiVersion: "aadpodidentity.k8s.io/v1"
|
||||
kind: AzureIdentity
|
||||
metadata:
|
||||
name: atat-kv-identity
|
||||
spec:
|
||||
type: 0
|
||||
ResourceID: $KV_MI_ID
|
||||
ClientID: $KV_MI_CLIENT_ID
|
||||
---
|
||||
apiVersion: "aadpodidentity.k8s.io/v1"
|
||||
kind: AzureIdentityBinding
|
||||
metadata:
|
||||
name: atat-key-vault-identity-binding
|
||||
spec:
|
||||
AzureIdentity: atat-kv-identity
|
||||
Selector: atat-kv-id-binding
|
||||
---
|
||||
|
||||
Reference in New Issue
Block a user