1apiVersion: external-secrets.io/v1beta1
2kind: ExternalSecret
3metadata:
4 name: edge-bsl-subscription-basic-auth
5spec:
6 data:
7 - remoteRef:
8 key: edge-bsl-basic-auth
9 property: password
10 secretKey: EDGE_BSL_BASIC_AUTH_PASSWORD
11 - remoteRef:
12 key: edge-bsl-basic-auth
13 property: username
14 secretKey: EDGE_BSL_BASIC_AUTH_USERNAME
15 refreshInterval: 1m
16 secretStoreRef:
17 name: gcp-provider
18 kind: ClusterSecretStore
19 target:
20 name: edge-bsl-basic-auth
21 creationPolicy: Owner
22---
23apiVersion: iam.cnrm.cloud.google.com/v1beta1
24kind: IAMPolicyMember
25metadata:
26 name: essa-edge-bsl-basic-auth
27spec:
28 member: serviceAccount:ext-sec-${cluster_hash}@${gcp_project_id}.iam.gserviceaccount.com
29 resourceRef:
30 apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1
31 kind: SecretManagerSecret
32 external: projects/${gcp_project_id}/secrets/edge-bsl-basic-auth
33 role: roles/secretmanager.secretAccessor
View as plain text