ThomasBuchinger/voodoo-gitops
Single-Board-Computer Kubernetes Cluster using cloud-init + GitOps for Management
Enable OIDC login #12
Closed
ThomasBuchinger closed 2 years ago
ThomasBuchinger commented 2 years ago
Vault is now an OIDC provider
Configure Kubernetes to use Vault for authentication
Add a CronJob that configures the Host for OIDC authentication
Increase Terraform interval to 5m
Save a finished kubeconfig in Vault for easier setup
Add user public/public to Vault. This user can be used to access non-secret data in Vault
Move existing Secrets to the new Secret-Structure
Reduce TTL on Vault's Kubernetes-Auth to 5m
Use different SecretEngines for static secrets, generated secrets and non-secret data
Add ClusterSecretStores for the new SecretEngines