mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-11-10 08:20:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
0ab8e6a2f5
ceph-csi/charts/ceph-csi-rbd/templates
History
Rakshith R 4f0bb2315b rbd: add aws-sts-metdata encryption type 
With Amazon STS and kubernetes cluster is configured with
OIDC identity provider, credentials to access Amazon KMS
can be fetched using oidc-token(serviceaccount token).
Each tenant/namespace needs to create a secret with aws region,
role and CMK ARN.
Ceph-CSI will assume the given role with oidc token and access
aws KMS, with given CMK to encrypt/decrypt DEK which will stored
in the image metdata.

Refer: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html
Resolves: #2879

Signed-off-by: Rakshith R <rar@redhat.com>
2022-03-16 07:29:56 +00:00
..
_helpers.tpl refactor: Merge 1.13 and 1.14 Helm charts and improve charts 2019-09-27 05:49:18 +00:00
ceph-conf.yaml helm: make ceph.conf ConfigMap name configurable 2022-02-21 07:25:22 +00:00
csidriver-crd.yaml helm: correct the groupVersion of CSIDriver in the chart 2021-08-16 15:21:27 +00:00
csiplugin-configmap.yaml helm: csiplugin-configmap generates invalid configuation 2021-11-25 06:31:38 +00:00
encryptionkms-configmap.yaml Adds per volume encryption with Vault integration 2020-02-05 05:18:56 +00:00
nodeplugin-clusterrole.yaml deploy: add few more cluster-roles for rbd nodeplugin 2021-07-16 16:30:58 +00:00
nodeplugin-clusterrolebinding.yaml helm: Fix missing ClusterRoleBinding for nodeplugin ServiceAccount 2021-12-22 11:06:11 +00:00
nodeplugin-daemonset.yaml rbd: add aws-sts-metdata encryption type 2022-03-16 07:29:56 +00:00
nodeplugin-http-service.yaml refactor: Merge 1.13 and 1.14 Helm charts and improve charts 2019-09-27 05:49:18 +00:00
nodeplugin-psp.yaml helm: Add selinuxMount flag to enable/disable /etc/selinux host mount 2022-02-16 12:48:00 +00:00
nodeplugin-role.yaml Added PodSecurityPolicy support 2020-01-22 08:19:42 +00:00
nodeplugin-rolebinding.yaml Added PodSecurityPolicy support 2020-01-22 08:19:42 +00:00
nodeplugin-serviceaccount.yaml refactor: Merge 1.13 and 1.14 Helm charts and improve charts 2019-09-27 05:49:18 +00:00
NOTES.txt deploy: use "devel" branch instead of "master" 2021-03-01 10:51:30 +05:30
provisioner-clusterrole.yaml deploy: update csi-snapshotter sidecar to v5.0.1 2022-02-03 19:01:57 +00:00
provisioner-clusterrolebinding.yaml refactor: Merge 1.13 and 1.14 Helm charts and improve charts 2019-09-27 05:49:18 +00:00
provisioner-deployment.yaml rbd: add aws-sts-metdata encryption type 2022-03-16 07:29:56 +00:00
provisioner-http-service.yaml refactor: Merge 1.13 and 1.14 Helm charts and improve charts 2019-09-27 05:49:18 +00:00
provisioner-psp.yaml helm: reduce the PSP permission for rbd deployment 2021-09-22 07:12:34 +00:00
provisioner-role.yaml deploy: update deployment template for new controller 2020-11-28 18:50:00 +00:00
provisioner-rolebinding.yaml refactor: Merge 1.13 and 1.14 Helm charts and improve charts 2019-09-27 05:49:18 +00:00
provisioner-serviceaccount.yaml refactor: Merge 1.13 and 1.14 Helm charts and improve charts 2019-09-27 05:49:18 +00:00
secret.yaml helm: Add csi secret template to ceph-csi-rbd 2021-07-06 10:55:41 +00:00
storageclass.yaml helm: remove namespace from storageclass yaml 2022-02-11 12:32:58 +00:00