kupe_secret
Manages a Kupe Cloud secret definition and its sync targets.
Example Usage
Section titled “Example Usage”resource "kupe_secret" "app_config" { name = "app-config" secret_path = "apps/app-config"
sync = [ { cluster = "production" namespace = "hello" }, { cluster = "staging" namespace = "hello" }, ]}Schema
Section titled “Schema”Required
Section titled “Required”name(String) Secret name (immutable after creation).secret_path(String) OpenBao KV v2 key path for the stored value. Immutable after creation.
Optional
Section titled “Optional”sync(Attributes List) Cluster/namespace targets to sync this secret to. (see below for nested schema)
Read-Only
Section titled “Read-Only”created_at(String) Timestamp when the managed secret definition was created.etag(String) Resource version used for optimistic locking during updates.phase(String) Current sync phase for the managed secret.
Nested Schema for sync
Section titled “Nested Schema for sync”Required:
cluster(String) Target cluster name.namespace(String) Target namespace in the cluster.
Optional:
secret_name(String) Override the K8s secret name (defaults to the managed secret name).
Import
Section titled “Import”Import is supported using the following syntax:
The terraform import command can be used, for example:
terraform import kupe_secret.app_config app-config