secretumvault/k8s/04-service.yaml
2025-12-22 21:34:01 +00:00


---
# SecretumVault Service: stable in-cluster address for the pods labelled
# app=vault. type ClusterIP gives it a cluster-internal virtual IP only; it
# is not published through a NodePort or a cloud load balancer.
apiVersion: v1
kind: Service
metadata:
  name: vault
  namespace: secretumvault
  labels:
    app: vault
spec:
  type: ClusterIP
  selector:
    app: vault
  ports:
    # targetPort is given by name, so it resolves against the container port
    # names declared by the selected pods (the pod spec is not in this file).
    - name: api
      port: 8200
      targetPort: api
      protocol: TCP
    # NOTE(review): metrics is published on the same Service as the API, so
    # any workload that can reach this Service can also reach port 9090.
    # Confirm a NetworkPolicy limits it to the scraper - TODO verify.
    - name: metrics
      port: 9090
      targetPort: metrics
      protocol: TCP
---
# Internal headless service for direct pod access.
# clusterIP: None means no virtual IP is allocated; DNS for this name
# returns the addresses of the individual pods matching app=vault.
apiVersion: v1
kind: Service
metadata:
  name: vault-headless
  namespace: secretumvault
  labels:
    app: vault
spec:
  clusterIP: None
  selector:
    app: vault
  ports:
    # Only the API port is listed here; the metrics port is not.
    - name: api
      port: 8200
      targetPort: api
      protocol: TCP
---
# Kubernetes Service Account: the identity that the ClusterRoleBinding in
# this file binds to the vault ClusterRole.
# NOTE(review): automountServiceAccountToken is not set, so the Kubernetes
# default applies and pods running as this account get its API token mounted
# unless their pod spec opts out. That token carries the cluster-wide read
# access granted by the ClusterRole in this file.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: vault
  namespace: secretumvault
---
# RBAC - ClusterRole for vault.
# Read-only rules (get/list/watch) on core-group resources; no write verbs
# are granted. A ClusterRole is not namespaced, and this file binds it with a
# ClusterRoleBinding, so every rule applies in all namespaces.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: vault
rules:
  # list and watch on secrets return the full objects, data included, so
  # this rule amounts to read access to every Secret in the cluster.
  # NOTE(review): confirm the vault needs cross-namespace reads. If it only
  # reads its own namespace, a Role + RoleBinding in secretumvault grants the
  # same verbs with a much smaller blast radius.
  - apiGroups:
      - ""
    resources:
      - "secrets"
    verbs:
      - "get"
      - "list"
      - "watch"
  # ConfigMaps, same read-only verbs, also cluster-wide.
  - apiGroups:
      - ""
    resources:
      - "configmaps"
    verbs:
      - "get"
      - "list"
      - "watch"
  # Services and their endpoints, same read-only verbs.
  - apiGroups:
      - ""
    resources:
      - "services"
      - "endpoints"
    verbs:
      - "get"
      - "list"
      - "watch"
---
# RBAC - ClusterRoleBinding.
# Grants the vault ClusterRole to the vault ServiceAccount in the
# secretumvault namespace. Because this is a ClusterRoleBinding rather than a
# namespaced RoleBinding, the role's rules take effect in every namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: vault
# roleRef cannot be edited after creation; pointing the binding at a
# different role means deleting and recreating it.
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: vault
subjects:
  # The only subject: one ServiceAccount, identified by name and namespace.
  - kind: ServiceAccount
    name: vault
    namespace: secretumvault