Creating Secrets in Kubernetes
Overview
The Apono Connector uses the Kubernetes Secrets to connect to resource integration without storing any secrets.
Step by step guide
Prerequisites
- An Apono connector installed in your Kubernetes cluster
Create a new secret for Apono
- Create the secret
NOTE: each integration requires different secret parameters
Consult the integration's guide to learn more
kubectl create secret generic <<SecretName>> <INSERT PARAM PAIRS HERE>
- Param format:
--from-literal=PARAM KEY=PARAM VALUE
Repeat this for each required param, based on the integration parameters.
- Label the secret with
apono-connector-read: true
:
kubectl label secret <<SecretName>> "apono-connector-read=true"
- Give the Apono connector permissions to the secret:
helm upgrade apono-connector apono-connector --repo https://apono-io.github.io/apono-helm-charts \
--set-string apono.token=[APONO_TOKEN] \
--set-string apono.connectorId=[CONNECTOR_NAME] \
--set serviceAccount.manageClusterRoles=true \
--set allowedSecretsToRead={secret1\,secret2\,secret3} \
--namespace apono-connector
Provide Apono with the secret
- When adding a new integration, provide the secret details:
- Namespace
- Secret name
Updated about 1 month ago