f8e95ae104
This commit is the first part of consuming secrets from the Azure Key Vault. This will set up the required services to consume Azure's RBAC controls in the cluster, an identity to read the secrets, and the tool (FlexVol) to mount the secrets.
20 lines
363 B
YAML
20 lines
363 B
YAML
---
|
|
apiVersion: "aadpodidentity.k8s.io/v1"
|
|
kind: AzureIdentity
|
|
metadata:
|
|
name: atat-kv-identity
|
|
spec:
|
|
type: 0
|
|
ResourceID: $KV_MI_ID
|
|
ClientID: $KV_MI_CLIENT_ID
|
|
---
|
|
apiVersion: "aadpodidentity.k8s.io/v1"
|
|
kind: AzureIdentityBinding
|
|
metadata:
|
|
name: atat-key-vault-identity-binding
|
|
spec:
|
|
AzureIdentity: atat-kv-identity
|
|
Selector: atat-kv-id-binding
|
|
---
|
|
|