Creating Secrets in Kubernetes

Overview

The Apono Connector uses the Kubernetes Secrets to connect to resource integration without storing any secrets.

Step by step guide

Prerequisites

  1. An Apono connector installed in your Kubernetes cluster

Create a new secret for Apono

  1. Create the secret

๐Ÿ“˜

NOTE: each integration requires different secret parameters

Consult the integration's guide to learn more

kubectl create secret generic <<SecretName>> <INSERT PARAM PAIRS HERE> 
  • Param format: --from-literal=PARAM KEY=PARAM VALUE
    Repeat this for each required param, based on the integration parameters.
  1. Label the secret with apono-connector-read: true:
  kubectl label secret <<SecretName>> "apono-connector-read=true"
  1. Give the Apono connector permissions to the secret:
helm upgrade apono-connector apono-connector --repo https://apono-io.github.io/apono-helm-charts \
    --set-string apono.token=[APONO_TOKEN] \
    --set-string apono.connectorId=[CONNECTOR_NAME] \
    --set serviceAccount.manageClusterRoles=true \
    --set allowedSecretsToRead={secret1\,secret2\,secret3} \
    --namespace apono-connector 

Provide Apono with the secret

  1. When adding a new integration, provide the secret details:
  2. Namespace
  3. Secret name