Skip to content

Commit

Permalink
Fixing descriptoon and adding describe command
Browse files Browse the repository at this point in the history
  • Loading branch information
rodrigobersa committed Oct 11, 2023
1 parent ba426f0 commit 2616806
Show file tree
Hide file tree
Showing 3 changed files with 20 additions and 4 deletions.
1 change: 1 addition & 0 deletions manifests/modules/security/secrets-manager/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ apiVersion: apps/v1
kind: Deployment
metadata:
name: catalog
namespace: catalog
spec:
template:
spec:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,12 +28,27 @@ Leave the rest of the configuration with the default values, then click **Create
If you prefere to use the AWS CLI, run the command like the example below in you Cloud9 Environment.

```bash
$ aws secretsmanager create-secret --name "eks-workshop/static-secret" --secret-string '{"username":"testdb_user", "password":"super-sekret"}' --region $AWS_REGION
$ aws secretsmanager create-secret --name "eks-workshop/catalog-secret" --secret-string '{"username":"catalog_user", "password":"default_password"}' --region $AWS_REGION
{
"ARN": "arn:aws:secretsmanager:$AWS_REGION:$AWS_ACCOUNT_ID:secret:eks-workshop/static-secret-ABCdef",
"ARN": "arn:aws:secretsmanager:$AWS_REGION:$AWS_ACCOUNT_ID:secret:eks-workshop/catalog-secret-ABCdef",
"Name": "eks-workshop/static-secret",
"VersionId": "7e0b352d-6666-4444-aaaa-cec1f1d2df1b"
}
```

Validate the new stored secret in the [AWS Secrets Manager Console](https://console.aws.amazon.com/secretsmanager/listsecrets)
Validate the new stored secret in the [AWS Secrets Manager Console](https://console.aws.amazon.com/secretsmanager/listsecrets) or run the below command in your Cloud9 Environment.

```bash
$ aws secretsmanager describe-secret --secret-id "eks-workshop/catalog-secret"
{
"ARN": "arn:aws:secretsmanager:us-west-2:068535243777:secret:eks-workshop/catalog-secret-WDD8yS",
"Name": "eks-workshop/catalog-secret",
"LastChangedDate": "2023-10-10T20:44:51.882000+00:00",
"VersionIdsToStages": {
"94d1fe43-87f5-42fb-bf28-f6b090f0ca44": [
"AWSCURRENT"
]
},
"CreatedDate": "2023-10-10T20:44:51.439000+00:00"
}
```
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ $ kubectl -n catalog get secrets catalog-db --template {{.data.password}} | base
default_password%
```

You should also see that we already have created a *SecretProviderClass*, which is a namespaced custom resource that's used provide driver configurations and specific parameters to the your secrets in AWS Secrets Manger via CSI driver.
You should also see that we already have created a *SecretProviderClass*, which is a namespaced custom resource that's used provide driver configurations and specific parameters to access your secrets stored in AWS Secrets Manger via CSI driver.

```bash
$ kubectl -n catalog get secretproviderclass -o yaml
Expand Down

0 comments on commit 2616806

Please sign in to comment.