mirror of
https://github.com/marcel-dempers/docker-development-youtube-series.git
synced 2025-06-06 17:01:30 +00:00
20 lines
577 B
Markdown
20 lines
577 B
Markdown
# Enable Kubernetes Vault Auth
|
|
|
|
```
|
|
kubectl -n vault-example exec -it vault-example-0 sh
|
|
|
|
vault login
|
|
vault auth enable kubernetes
|
|
|
|
vault write auth/kubernetes/config \
|
|
token_reviewer_jwt="$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" \
|
|
kubernetes_host=https://${KUBERNETES_PORT_443_TCP_ADDR}:443 \
|
|
kubernetes_ca_cert=@/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
|
|
|
vault write auth/kubernetes/role/myapp \
|
|
bound_service_account_names=app \
|
|
bound_service_account_namespaces=vault-example \
|
|
policies=app \
|
|
ttl=1h
|
|
|
|
``` |