Kubernetes Secrets
Detailed information on the Kubernetes secret cryptography component
Component format
The purpose of this component is to load the Kubernetes secret named after the key name.
Note
This component uses the cryptographic engine in Dapr to perform operations. Although keys are never exposed to your application, Dapr has access to the raw key material.A Dapr crypto.yaml
component file has the following structure:
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: <NAME>
spec:
type: crypto.dapr.kubernetes.secrets
version: v1
metadata:[]
Warning
The above example uses secrets as plain strings. It is recommended to use a secret store for the secrets, as described here.Spec metadata fields
Field | Required | Details | Example | |
---|---|---|---|---|
defaultNamespace |
N | Default namespace to retrieve secrets from. If unset, the namespace must be specified for each key, as namespace/secretName/key |
"default-ns" |
|
kubeconfigPath |
N | The path to the kubeconfig file. If not specified, the component uses the default in-cluster config value | "/path/to/kubeconfig" |
Related links
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.
Last modified October 25, 2024: Merge pull request #4401 from evhen14/4400-document-new-annotations (18bbd6d)