theshire/.archive/vault/app/externalsecret.yaml

---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: vault
  namespace: security
spec:
  secretStoreRef:
    kind: ClusterSecretStore
    name: onepassword-connect
  target:
    name: vault-secret
    creationPolicy: Owner
  data:
    - secretKey: AWS_SECRET_ACCESS_KEY
      remoteRef:
        key: vault
        property: AWS_SECRET_ACCESS_KEY
    - secretKey: AWS_ACCESS_KEY_ID
      remoteRef:
        key: vault
        property: AWS_ACCESS_KEY_ID
    - secretKey: VAULT_AWSKMS_SEAL_KEY_ID
      remoteRef:
        key: vault
        property: VAULT_AWSKMS_SEAL_KEY_ID
add auto unseal, replicas 3 2024-09-11 00:16:07 -05:00			`---`
			`# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json`
			`apiVersion: external-secrets.io/v1beta1`
			`kind: ExternalSecret`
			`metadata:`
			`name: vault`
			`namespace: security`
			`spec:`
			`secretStoreRef:`
			`kind: ClusterSecretStore`
			`name: onepassword-connect`
			`target:`
			`name: vault-secret`
			`creationPolicy: Owner`
			`data:`
			`- secretKey: AWS_SECRET_ACCESS_KEY`
			`remoteRef:`
			`key: vault`
			`property: AWS_SECRET_ACCESS_KEY`
			`- secretKey: AWS_ACCESS_KEY_ID`
			`remoteRef:`
			`key: vault`
			`property: AWS_ACCESS_KEY_ID`
			`- secretKey: VAULT_AWSKMS_SEAL_KEY_ID`
			`remoteRef:`
			`key: vault`
			`property: VAULT_AWSKMS_SEAL_KEY_ID`