Configuring the ESO Secret Store

You use a SecretStore configuration (a YAML file) for the Kubernetes ESO integration to provide the information about how to access the Secret Server API or the Delinea Platform API, depending on which Delinea product you use for this integration.

To create a SecretStore configuration:

1. Create a YAML file for your SecretStore configuration.

2. Go to the Delinea Secret-Server/Platform document in the Kubernetes ESO GitHub repo and in the "Creating a SecretStore" section, copy the content from the SecretStore configuration example for Secret Server or the Delinea Platform into your YAML file.

3. Modify the copied YAML file. Provide the following information to enable the integration to authenticate with and access the Secret Server API:

   • metadata.name: The name of the SecretStore configuration.

   • spec.provider.secretserver.serverURL: The URL of your Secret Server tenant (for example, https://yourtenantname.secretservercloud.com) or the Delinea Platform tenant (for example, https://yourTenantName.delinea.app).

   • spec.provider.username.value: The username of the Secret Server application account or the Delinea Platform service user.

   • spec.provider.password.secretRef: The reference to the Kubernetes Secret that contains the password of the Secret Server application account or of the Delinea Platform service user.

     You can also specify the password directly in the value field similarly to how you specify the username.

4. Save the YAML file.

5. In a terminal window, change to the directory where you saved the YAML file.

6. To create a SecretStore resource for your SecretStore configuration in your cluster, apply the YAML file to the cluster:

   kubectl apply -f "<file-name>.yaml"