Mirrors/flux2
1
0
Fork 0
mirror of synced 2026-02-13 13:06:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

update guide for mozilla sops

Browse Source 
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
This commit is contained in:
Somtochi Onyekwere
2021-01-20 13:00:14 +01:00
parent 81f68157fa
commit 5f759200c6
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/guides/mozilla-sops.md
View File

@@ -106,7 +106,8 @@ secrets by iterating over all the private keys until it finds one that works.
### Using various cloud providers ### Using various cloud providers
When using AWS/GCP KMS, you'll have to bind an IAM Role with access to the KMS When using AWS/GCP KMS, you don't have to include the gpg `secretRef` under
`spec.provider` (you can skip the `--decryption-secret` flag when running `flux create kustomization`), instead you'll have to bind an IAM Role with access to the KMS
keys to the `default` service account of the `flux-system` namespace for keys to the `default` service account of the `flux-system` namespace for
kustomize-controller to be able to fetch keys from KMS. kustomize-controller to be able to fetch keys from KMS.