Structs§
- Secret
Class - Auto-generated derived type for SecretClassSpec via
CustomResource - Secret
Class Backend - Each SecretClass is associated with a single [backend](https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend), which dictates the mechanism for issuing that kind of Secret.
- Secret
Class Backend Auto Tls - The [
autoTlsbackend](https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-autotls) issues a TLS certificate signed by the Secret Operator. The certificate authority can be provided by the administrator, or managed automatically by the Secret Operator. - Secret
Class Backend Auto TlsAdditional Trust Roots - Secret
Class Backend Auto TlsAdditional Trust Roots Config Map - Reference (name and namespace) to a Kubernetes ConfigMap object where additional certificates are stored. The extensions of the keys denote its contents: A key suffixed with
.crtcontains a stack of base64 encoded DER certificates, a key suffixed with.dercontains a binary DER certificate. - Secret
Class Backend Auto TlsAdditional Trust Roots Secret - Reference (name and namespace) to a Kubernetes Secret object where additional certificates are stored. The extensions of the keys denote its contents: A key suffixed with
.crtcontains a stack of base64 encoded DER certificates, a key suffixed with.dercontains a binary DER certificate. - Secret
Class Backend Auto TlsCa - Configures the certificate authority used to issue Pod certificates.
- Secret
Class Backend Auto TlsCa KeyGeneration - The algorithm used to generate a key pair and required configuration settings. Currently only RSA and a key length of 2048, 3072 or 4096 bits can be configured.
- Secret
Class Backend Auto TlsCa KeyGeneration Rsa - Secret
Class Backend Auto TlsCa Secret - Reference (name and namespace) to a Kubernetes Secret object where the CA certificate and key is stored in the keys
ca.crtandca.keyrespectively. - Secret
Class Backend Experimental Cert Manager - The
experimentalCertManagerbackend injects a TLS certificate issued by [cert-manager](https://cert-manager.io/). - Secret
Class Backend Experimental Cert Manager Issuer - A reference to the cert-manager issuer that the certificates should be requested from.
- Secret
Class Backend Experimental Cert Manager KeyGeneration - The algorithm used to generate a key pair and required configuration settings. Currently only RSA and a key length of 2048, 3072 or 4096 bits can be configured.
- Secret
Class Backend Experimental Cert Manager KeyGeneration Rsa - Secret
Class Backend K8sSearch - The [
k8sSearchbackend](https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-k8ssearch) can be used to mount Secrets across namespaces into Pods. - Secret
Class Backend K8sSearch Search Namespace - Configures the namespace searched for Secret objects.
- Secret
Class Backend K8sSearch Search Namespace Pod - The Secret objects are located in the same namespace as the Pod object. Should be used for Secrets that are provisioned by the application administrator.
- Secret
Class Backend Kerberos Keytab - The [
kerberosKeytabbackend](https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-kerberoskeytab) creates a Kerberos keytab file for a selected realm. The Kerberos KDC and administrator credentials must be provided by the administrator. - Secret
Class Backend Kerberos Keytab Admin - Kerberos admin configuration settings.
- Secret
Class Backend Kerberos Keytab Admin Active Directory - Credentials should be provisioned in a Microsoft Active Directory domain.
- Secret
Class Backend Kerberos Keytab Admin Active Directory Experimental Generate SamAccount Name - Allows samAccountName generation for new accounts to be customized. Note that setting this field (even if empty) makes the Secret Operator take over the generation duty from the domain controller.
- Secret
Class Backend Kerberos Keytab Admin Active Directory Ldap TlsCa Secret - Reference (name and namespace) to a Kubernetes Secret object containing the TLS CA (in
ca.crt) that the LDAP server’s certificate should be authenticated against. - Secret
Class Backend Kerberos Keytab Admin Active Directory Password Cache Secret - Reference (name and namespace) to a Kubernetes Secret object where workload passwords will be stored. This must not be accessible to end users.
- Secret
Class Backend Kerberos Keytab Admin Keytab Secret - Reference (
nameandnamespace) to a K8s Secret object where a keytab with administrative privileges is stored in the keykeytab. - Secret
Class Backend Kerberos Keytab Admin Mit - Credentials should be provisioned in a MIT Kerberos Admin Server.
- Secret
Class Spec - A SecretClass(https://docs.stackable.tech/home/nightly/secret-operator/secretclass) is a cluster-global Kubernetes resource that defines a category of secrets that the Secret Operator knows how to provision.
Enums§
- Secret
Class Backend Auto TlsCa KeyGeneration RsaLength - Secret
Class Backend Experimental Cert Manager Issuer Kind - A reference to the cert-manager issuer that the certificates should be requested from.
- Secret
Class Backend Experimental Cert Manager KeyGeneration RsaLength