CCE Secrets Manager for DEW
Add-on Overview
The CCE Secrets Manager for DEW add-on (dew-provider) is used to interconnect with Data Encryption Workshop (DEW). This add-on allows you to mount secrets stored outside a cluster (DEW for storing sensitive information) to pods. In this way, sensitive information can be decoupled from the cluster environment, which prevents information leakage caused by program hardcoding or plaintext configuration.
Add-on Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
basic |
No |
object |
Basic configuration parameters, which do not need to be specified |
|
custom |
Yes |
Table 2 object |
Custom parameters |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
rotation_poll_interval |
No |
String |
Rotation interval. The default value is 2m. The rotation interval specifies the interval for sending requests to Cloud Secret Management Service (CSMS) and getting the latest credentials. The proper interval is [1m, 1440m]. |
Example Request
{
"kind": "Addon",
"apiVersion": "v3",
"metadata": {
"annotations": {
"addon.install/type": "install"
}
},
"spec": {
"clusterID": "2292498e-d169-******-0255ac1001ba",
"version": "1.1.1",
"addonTemplateName": "dew-provider",
"values": {
"basic": {
"basickey":"val"
},
"flavor": {
"resources": [{
"limitsCpu": "100m",
"limitsMem": "100Mi",
"name": "dew-provider",
"requestsCpu": "100m",
"requestsMem": "100Mi"
}]
},
"custom": {
"rotation_poll_interval": "2m"
}
}
}
}
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
