
External Secrets Operator


External Secrets Operator is a Kubernetes operator that integrates external secret management systems such as AWS Secrets Manager, HashiCorp Vault, Google Secrets Manager and Azure Key Vault.

The goal of External Secrets Operator (ESO) is to synchronize secrets from external APIs into Kubernetes. ESO is a collection of custom API resources: ExternalSecret, SecretStore and ClusterSecretStore.

Architecture

Resource Model

Kubernetes Secrets integration with AWS Secrets Manager using External Secrets Operator (ESO)

Step 1: Create a secret in AWS Secrets Manager

Step 2: Create an AWS IAM Policy and IAM Role

IAM Policy

Step 3: Install External-secrets on the Kubernetes cluster

External-secrets runs within your Kubernetes cluster as a deployment resource. It utilizes CustomResourceDefinitions to configure access to secret providers through SecretStore resources and manages Kubernetes secret resources with ExternalSecret resources.

Install from chart repository

Step 4: Create Service Account

Step 5: Create SecretStore

Create a file 'basic-secret-store.yaml' with the following content.

Step 6: Create ExternalSecret

Create a file 'basic-external-secret.yaml' with the following content.

Step 7: Apply SecretStore and ExternalSecret

Once the ExternalSecret is created, ESO fetches the secret value from AWS Secrets Manager and creates a Kubernetes Secret in the cluster. You can then check that the secret was created and inspect its value.
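
One way the resources from steps 4 to 6 can fit together, as an added example that is not the original post's manifests. It assumes an EKS cluster using IAM Roles for Service Accounts; every name, the namespace, the region, the account ID, the role and the secret key are constructed placeholders, and the `apiVersion` must match the CRD version your installed ESO release serves.

```yaml
# Constructed example: all names, the region and the account ID are placeholders.
# Step 4: service account that the SecretStore authenticates as.
# Assumption: EKS with IAM Roles for Service Accounts (IRSA).
apiVersion: v1
kind: ServiceAccount
metadata:
  name: eso-demo-sa
  namespace: demo
  annotations:
    eks.amazonaws.com/role-arn: arn:aws:iam::111122223333:role/eso-demo-role
---
# Step 5: basic-secret-store.yaml
# Assumption: v1beta1 CRDs; recent ESO releases serve external-secrets.io/v1.
apiVersion: external-secrets.io/v1beta1
kind: SecretStore
metadata:
  name: demo-secret-store
  namespace: demo
spec:
  provider:
    aws:
      service: SecretsManager
      region: us-east-1
      auth:
        jwt:
          serviceAccountRef:
            name: eso-demo-sa   # same namespace as the SecretStore
---
# Step 6: basic-external-secret.yaml
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: demo-external-secret
  namespace: demo
spec:
  refreshInterval: 1h            # how often ESO re-reads the provider
  secretStoreRef:
    name: demo-secret-store
    kind: SecretStore
  target:
    name: demo-k8s-secret        # Kubernetes Secret that ESO creates
    creationPolicy: Owner        # Secret is deleted with the ExternalSecret
  data:
    - secretKey: password        # key inside the Kubernetes Secret
      remoteRef:
        key: demo/app/credentials   # secret name in AWS Secrets Manager
        property: password          # JSON field within that secret
```

A namespaced SecretStore can only be referenced by ExternalSecrets in the same namespace, which keeps the blast radius smaller than a ClusterSecretStore. The IAM role bound to the service account should allow `secretsmanager:GetSecretValue` and `secretsmanager:DescribeSecret` only on the ARN of the secret being synced.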

Quick Demo
