terraform/website/source/docs/providers/kubernetes/r/secret.html.markdown

3.6 KiB

layout page_title sidebar_current description
kubernetes Kubernetes: kubernetes_secret docs-kubernetes-resource-secret The resource provides mechanisms to inject containers with sensitive information while keeping containers agnostic of Kubernetes.

kubernetes_secret

The resource provides mechanisms to inject containers with sensitive information, such as passwords, while keeping containers agnostic of Kubernetes. Secrets can be used to store sensitive information either as individual properties or coarse-grained entries like entire files or JSON blobs. The resource will by default create a secret which is available to any pod in the specified (or default) namespace.

~> Read more about security properties and risks involved with using Kubernetes secrets: https://kubernetes.io/docs/user-guide/secrets/#security-properties

~> Note: All arguments including the secret data will be stored in the raw state as plain-text. Read more about sensitive data in state.

Example Usage

resource "kubernetes_secret" "example" {
  metadata {
    name = "basic-auth"
  }

  data {
    username = "admin"
    password = "P4ssw0rd"
  }

  type = "kubernetes.io/basic-auth"
}

Example Usage (Docker config)

resource "kubernetes_secret" "example" {
  metadata {
    name = "docker-cfg"
  }

  data {
    ".dockercfg" = "${file("${path.module}/.docker/config.json")}"
  }

  type = "kubernetes.io/dockercfg"
}

Argument Reference

The following arguments are supported:

Nested Blocks

metadata

Arguments

Attributes

Import

Secret can be imported using its namespace and name, e.g.

$ terraform import kubernetes_secret.example default/my-secret