Options
All
  • Public
  • Public/Protected
  • All
Menu

Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server.

schema

IssuerSpecVaultAuthKubernetes

Hierarchy

  • IssuerSpecVaultAuthKubernetes

Index

Properties

Properties

Optional Readonly mountPath

mountPath: string

The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to /v1/auth/foo, will use the path /v1/auth/foo/login to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used.

schema

IssuerSpecVaultAuthKubernetes#mountPath

Readonly role

role: string

A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies.

schema

IssuerSpecVaultAuthKubernetes#role

Readonly secretRef

The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported.

schema

IssuerSpecVaultAuthKubernetes#secretRef

Generated using TypeDoc