Configuring the ESO Secret Store

You use a SecretStore configuration (a YAML file) for the Kubernetes ESO integration to provide the information about how to access the Secret Server API.

To create a SecretStore configuration:

  1. Create a YAML file for your SecretStore configuration.

  2. Go to the Delinea Secret Server page in the Kubernetes ESO GitHub repo and in the "Creating a SecretStore" section, copy the content from the SecretStore configuration example into your YAML file.

  3. Modify the copied YAML file. Provide the following information to enable the integration to authenticate with and access the Secret Server API:

    • metadata.name: The name of the SecretStore configuration.

    • spec.provider.secretserver.serverURL: The URL of your Secret Server tenant (for example, https://yourtenantname.secretservercloud.com).

    • spec.provider.username.value: The username of the Secret Server application account.

    • spec.provider.password.secretRef: The reference to the Kubernetes Secret that contains the password of the application account.

      You can also specify the password directly in the value field similarly to how you specify the username.

  4. Save the YAML file.

  5. In a terminal window, change to the directory where you saved the YAML file.

  6. To create a SecretStore resource for your SecretStore configuration in your cluster, apply the YAML file to the cluster:

    kubectl apply -f "file-name.yaml"