Title Description
Kubernetes Secret Resource
Creating the Kubernetes Secret resource.

Kubernetes Secret

Manage a Kubernetes Secret using this Terraform module.

In managed clusters, both attached and provisioned, you can create Kubernetes Secrets that you can manage through Tanzu Mission Control.

To create a cluster secret, you must be associated with the cluster.admin role.

Policy Scope and Inheritance

In the Tanzu Mission Control resource hierarchy, there is currently one level at which you can specify cluster secret resources:

  • Kubernetes objects - cluster block under scope sub-resource

Note: The scope parameter is mandatory in the schema and the user needs to add one of the defined scopes to the script for the provider to function. Only one scope per resource is allowed.

Cluster scoped cluster secret

Example Usage

# Read Tanzu Mission Control kubernetes secret : fetch secret details
data "tanzu-mission-control_kubernetes_secret" "read_secret" {
  name           = "tf-secret"                # Required
  namespace_name = "tf-secret-namespace-name" # Required 

  scope {
    cluster {
      cluster_name            = "testcluster" # Required
      provisioner_name        = "attached"    # Default: attached
      management_cluster_name = "attached"    # Default: attached
    }
  }
}

Schema

Required

  • name (String) Name of the secret resource.
  • namespace_name (String) Name of Namespace where secret will be created.
  • scope (Block List, Min: 1, Max: 1) Scope for the secret, which must be one of the valid scopes for a secret. Currently only the cluster scope is available (see below for nested schema)

Optional

  • meta (Block List, Max: 1) Metadata for the resource (see below for nested schema)
  • org_id (String) ID of Organization.

Read-Only

  • export (Boolean) Export the secret to all namespaces.
  • id (String) The ID of this resource.
  • spec (List of Object) Spec for the kubernetes secret (see below for nested schema)
  • status (Map of String) Status for the Secret Export.

Nested Schema for scope

Optional:

Nested Schema for scope.cluster

Required:

  • cluster_name (String) Name of this cluster

Optional:

  • management_cluster_name (String) Name of the management cluster
  • provisioner_name (String) Provisioner of the cluster

Nested Schema for meta

Optional:

  • annotations (Map of String) Annotations for the resource
  • description (String) Description of the resource
  • labels (Map of String) Labels for the resource

Read-Only:

  • resource_version (String) Resource version of the resource
  • uid (String) UID of the resource

Nested Schema for spec

Read-Only:

Nested Schema for spec.docker_config_json

Read-Only:

  • image_registry_url (String)
  • password (String)
  • username (String)