mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-12-23 21:40:20 +00:00
doc: add configuration example for Amazon KMS
Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit is contained in:
parent
e1f8b1d44a
commit
f172e6956b
13
examples/kms/vault/aws-credentials.yaml
Normal file
13
examples/kms/vault/aws-credentials.yaml
Normal file
@ -0,0 +1,13 @@
|
||||
---
|
||||
# This is an example Kubernetes Secret that can be created in the Kubernetes
|
||||
# Namespace where Ceph-CSI is deployed. The contents of this Secret will be
|
||||
# used to connect to the Amazon KMS.
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: ceph-csi-aws-credentials
|
||||
stringData:
|
||||
AWS_ACCESS_KEY_ID: "AKIAIOSFODNN7EXAMPLE"
|
||||
AWS_SECRET_ACCESS_KEY: "JalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY"
|
||||
AWS_SESSION_TOKEN: ""
|
||||
AWS_CMK_ARN: "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
|
@ -35,5 +35,11 @@ data:
|
||||
{
|
||||
"encryptionKMSType": "metadata"
|
||||
}
|
||||
aws-metadata-test: |-
|
||||
{
|
||||
"KMS_PROVIDER": "aws-metadata",
|
||||
"KMS_SECRET_NAME": "ceph-csi-aws-credentials",
|
||||
"AWS_REGION": "us-west-2"
|
||||
}
|
||||
metadata:
|
||||
name: csi-kms-connection-details
|
||||
|
Loading…
Reference in New Issue
Block a user