1apiVersion: iam.cnrm.cloud.google.com/v1beta1
2kind: IAMServiceAccountKey
3metadata:
4 name: external-secrets-gcp-api-key
5spec:
6 serviceAccountRef:
7 name: placeholder
8---
9apiVersion: iam.cnrm.cloud.google.com/v1beta1
10kind: IAMServiceAccountKey
11metadata:
12 name: gcp-creds
13spec:
14 serviceAccountRef:
15 name: placeholder
16---
17apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1
18kind: SecretManagerSecret
19metadata:
20 name: external-secrets-${cluster_uuid}-gcp-api-key
21spec:
22 replication:
23 automatic: true
24---
25apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1
26kind: SecretManagerSecretVersion
27metadata:
28 name: external-secrets-${cluster_uuid}-gcp-api-key
29spec:
30 secretRef:
31 name: external-secrets-${cluster_uuid}-gcp-api-key
32 enabled: false
33 secretData:
34 valueFrom:
35 secretKeyRef:
36 name: external-secrets-gcp-api-key
37 key: key.json
38---
39apiVersion: secretmanager.cnrm.cloud.google.com/v1beta1
40kind: SecretManagerSecretVersion
41metadata:
42 name: external-secrets-${cluster_uuid}-gcp-api-key-2
43spec:
44 secretRef:
45 name: external-secrets-${cluster_uuid}-gcp-api-key
46 enabled: true
47 secretData:
48 valueFrom:
49 secretKeyRef:
50 name: gcp-creds
51 key: key.json
View as plain text