Merge pull request #435 from phillebaba/sops-azure-auth

Update authentication hint for Azure
pull/437/head
Stefan Prodan 4 years ago committed by GitHub
commit 16fa167931
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -102,10 +102,12 @@ Note that the `sops-gpg` can contain more than one key, sops will try to decrypt
secrets by iterating over all the private keys until it finds one that works.
!!! hint KMS
When using AWS/GCP KMS or Azure Key Vault, you'll have to bind an IAM Role
When using AWS/GCP KMS, you'll have to bind an IAM Role
with read access to the KMS keys to the `default` service account of the
`flux-system` namespace for kustomize-controller to be able to fetch
keys from KMS.
keys from KMS. When using Azure Key Vault you need to authenticate the kustomize controller either by passing
[Service Principal credentials as environment variables](https://github.com/mozilla/sops#encrypting-using-azure-key-vault)
or with [add-pod-identity](https://github.com/Azure/aad-pod-identity).
## GitOps workflow
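Review bot: The link text in the last added line reads "add-pod-identity", but the URL it points to is https://github.com/Azure/aad-pod-identity, so the text should be "aad-pod-identity". The same added sentence writes "kustomize controller" where the unchanged lines above use `kustomize-controller`; use the hyphenated, backticked name for consistency. Because the first option places Service Principal credentials in the controller's environment, the hint should also say where those variables are expected to come from (for example a Kubernetes Secret referenced by the Deployment rather than literal values in a manifest kept in Git), or state which of the two options is preferred.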
