Create global secrets
Global secrets allow you to define and share secrets across all registered clusters. You can then create native Kubernetes secrets that reference these global secrets, and vCluster Platform will synchronize each secret's data with the global secret.
Global secrets are not synchronized to secrets created within virtual clusters, but project secrets are. To use a global secret to manage secret data in virtual clusters, first create a project secret that is synchronized by a global secret.
Create a Global Secret
To create a global secret, follow these steps:
Navigate to the Global Secrets view using the menu on the left
Click on the button
Enter a name for the secret by clicking on my-secret
Enter a description for the secret by clicking on Enter a description for this object...
Click on the Data
Enter the secret data in the Secret Data input
Enter the namespace for the secret in the Secret Data input
Click on the Access
Use the to add new access rules for the shared secret
Under the Users & Teams column, select the user or team you'd like to grant access to the shared secret
Under the Permissions column, select the verb to enable for the user or team
Click on the button once your changes are complete
To use this global secret, create a secret in the namespace where you need the secret data, taking care to add the labels:
apiVersion: v1
kind: Secret
metadata:
  name: my-secret
  namespace: my-space
  labels:
    loft.sh/sharedsecret-namespace: vcluster-platform
    loft.sh/sharedsecret-name: my-secret
type: Opaque