UNCLASSIFIED - NO CUI

Create secret store based off of provided user values

  • Given a set of values in the values.yaml conforming to the schema that was described in the spike ticket, for each of these use cases
    • AWS Secrets Manager accessed by AWS access key and secret key
    • AWS Secrets Manager accessed by controller identity
    • AWS Secrets Manager accessed by service account
  • When the chart is applied, a secret store is created in the cluster for every source described in the values.yaml
  • The secret store is accessed using the permission model described in the values.yaml for this source

Out of scope

  • Creation of the upstream object described by the source (AWS Secrets Manager, etc)
  • Creation of the upstream permission objects (Access keys, roles, etc)
  • Creation of any cluster secrets
  • Creation of any external secrets
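
For reference, the three access models listed above could render to the following SecretStore objects, assuming the chart targets the External Secrets Operator (the ticket does not name the operator). This is an added illustration, not the chart's own templates or the schema from the spike ticket; every name, namespace and region is a constructed placeholder, and the `apiVersion` depends on the operator release installed.

```yaml
# Constructed example: names, namespace and region are placeholders.
---
# 1. Access key and secret key, read from an existing cluster Secret.
apiVersion: external-secrets.io/v1beta1
kind: SecretStore
metadata:
  name: aws-sm-access-key
  namespace: example-app
spec:
  provider:
    aws:
      service: SecretsManager
      region: us-east-1
      auth:
        secretRef:
          accessKeyIDSecretRef:
            name: aws-credentials   # hypothetical Secret, must already exist
            key: access-key-id
          secretAccessKeySecretRef:
            name: aws-credentials
            key: secret-access-key
---
# 2. Controller identity: no auth block, so the operator's own AWS credentials are used.
apiVersion: external-secrets.io/v1beta1
kind: SecretStore
metadata:
  name: aws-sm-controller-identity
  namespace: example-app
spec:
  provider:
    aws:
      service: SecretsManager
      region: us-east-1
---
# 3. Service account: the operator requests a token for the named ServiceAccount.
apiVersion: external-secrets.io/v1beta1
kind: SecretStore
metadata:
  name: aws-sm-service-account
  namespace: example-app
spec:
  provider:
    aws:
      service: SecretsManager
      region: us-east-1
      auth:
        jwt:
          serviceAccountRef:
            name: example-app-sa    # hypothetical ServiceAccount mapped to an IAM role
```

With the controller-identity model every store shares the operator's permissions, so the upstream policy on that identity bounds what all namespaces can read. The service-account model lets each store carry its own narrower role.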