Kubernetes Operator
CRDs for automated secret management
Custom Resources
KMSSecret
Sync KMS secrets into K8s Secrets:
apiVersion: kms.lux.network/v1alpha1
kind: KMSSecret
metadata:
name: app-secrets
spec:
secretRef:
name: app-env
data:
- secretKey: DATABASE_URL
property: valueKMSPushSecret
Push K8s Secrets to KMS:
apiVersion: kms.lux.network/v1alpha1
kind: KMSPushSecret
metadata:
name: push-creds
spec:
secretRef:
name: local-secret
destination:
path: /production/creds