From 26168065f03609a0363dd9687844174c218ac44b Mon Sep 17 00:00:00 2001 From: Rodrigo Bersa Date: Wed, 11 Oct 2023 16:47:20 -0400 Subject: [PATCH] Fixing descriptoon and adding describe command --- .../security/secrets-manager/deployment.yaml | 1 + .../secrets-manager/create-secret.md | 21 ++++++++++++++++--- .../validate-cluster-resources.md | 2 +- 3 files changed, 20 insertions(+), 4 deletions(-) diff --git a/manifests/modules/security/secrets-manager/deployment.yaml b/manifests/modules/security/secrets-manager/deployment.yaml index 4c2c6cf37..0aa852023 100644 --- a/manifests/modules/security/secrets-manager/deployment.yaml +++ b/manifests/modules/security/secrets-manager/deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: catalog + namespace: catalog spec: template: spec: diff --git a/website/docs/security/secrets-management/secrets-manager/create-secret.md b/website/docs/security/secrets-management/secrets-manager/create-secret.md index 9f177ab4a..d47d31317 100644 --- a/website/docs/security/secrets-management/secrets-manager/create-secret.md +++ b/website/docs/security/secrets-management/secrets-manager/create-secret.md @@ -28,12 +28,27 @@ Leave the rest of the configuration with the default values, then click **Create If you prefere to use the AWS CLI, run the command like the example below in you Cloud9 Environment. ```bash -$ aws secretsmanager create-secret --name "eks-workshop/static-secret" --secret-string '{"username":"testdb_user", "password":"super-sekret"}' --region $AWS_REGION +$ aws secretsmanager create-secret --name "eks-workshop/catalog-secret" --secret-string '{"username":"catalog_user", "password":"default_password"}' --region $AWS_REGION { - "ARN": "arn:aws:secretsmanager:$AWS_REGION:$AWS_ACCOUNT_ID:secret:eks-workshop/static-secret-ABCdef", + "ARN": "arn:aws:secretsmanager:$AWS_REGION:$AWS_ACCOUNT_ID:secret:eks-workshop/catalog-secret-ABCdef", "Name": "eks-workshop/static-secret", "VersionId": "7e0b352d-6666-4444-aaaa-cec1f1d2df1b" } ``` -Validate the new stored secret in the [AWS Secrets Manager Console](https://console.aws.amazon.com/secretsmanager/listsecrets) +Validate the new stored secret in the [AWS Secrets Manager Console](https://console.aws.amazon.com/secretsmanager/listsecrets) or run the below command in your Cloud9 Environment. + +```bash +$ aws secretsmanager describe-secret --secret-id "eks-workshop/catalog-secret" +{ + "ARN": "arn:aws:secretsmanager:us-west-2:068535243777:secret:eks-workshop/catalog-secret-WDD8yS", + "Name": "eks-workshop/catalog-secret", + "LastChangedDate": "2023-10-10T20:44:51.882000+00:00", + "VersionIdsToStages": { + "94d1fe43-87f5-42fb-bf28-f6b090f0ca44": [ + "AWSCURRENT" + ] + }, + "CreatedDate": "2023-10-10T20:44:51.439000+00:00" +} +``` diff --git a/website/docs/security/secrets-management/secrets-manager/validate-cluster-resources.md b/website/docs/security/secrets-management/secrets-manager/validate-cluster-resources.md index d95cf5469..57c761c9f 100644 --- a/website/docs/security/secrets-management/secrets-manager/validate-cluster-resources.md +++ b/website/docs/security/secrets-management/secrets-manager/validate-cluster-resources.md @@ -83,7 +83,7 @@ $ kubectl -n catalog get secrets catalog-db --template {{.data.password}} | base default_password% ``` -You should also see that we already have created a *SecretProviderClass*, which is a namespaced custom resource that's used provide driver configurations and specific parameters to the your secrets in AWS Secrets Manger via CSI driver. +You should also see that we already have created a *SecretProviderClass*, which is a namespaced custom resource that's used provide driver configurations and specific parameters to access your secrets stored in AWS Secrets Manger via CSI driver. ```bash $ kubectl -n catalog get secretproviderclass -o yaml