How to convert configmap to azure keyvault
I have a configmap like below.Which I will link to a config file in our application.
apiVersion: v1
kind: ConfigMap
metadata:
name: database-configmap
data:
config: |
dbport=5432
dcname=
dbssl=false
locktime=300
domainuser=
dattserverhost=localhost
conntype=ON-PREM
dbinstance=
dattusessl=false
dbpwd=VrjvBguQ
iisport=80
docountupgrade=false
doreportupgrade=false
dbname=dattdatabase
dattuseiis=false
dbtype=POSTGRESQL
dbusername=postg
dbserver=tgres.database.azure.com
domainpwd=
How to save this in azurekeyvault and get from there during deployment? Individual key/value pairs are stored there in keyvault. But how to achieve this?
I have tried the option provided in the link but it is not showing as normal kubernetes secret. Please see the output below:
kubectl get azurekeyvaultsecret.spv.no/secret-sync -n akv-test
NAME VAULT VAULT OBJECT SECRET NAME SYNCHED
secret-sync testingvaultd sample1
kubectl get secrets -n akv-test
NAME TYPE DATA AGE
default-token-9bsk8 kubernetes.io/service-account-token 3 5m31s
Was interesting question for me so I investigated a bit. First of all you should understand I have not personally tried(will try a bit later) so this is just an idea. Too much info for comment.
I found very interesting akv2k8s project(Explore Azure Key Vault to Kubernetes) that seems can help meet the requirements...
Azure Key Vault to Kubernetes (akv2k8s) makes Azure Key Vault secrets, certificates and keys available in Kubernetes and/or your application
- in a simple and secure way.
They mention configmaps in overview but not in diagram.
Akv2k8s contains two main components:
The akv2k8s Controller syncs Azure Key Vault objects to Kubernetes as native Secret's or ConfigMaps
The akv2k8s Injector injects Azure Key Vault objects as environment variables directly into your application.
Use the Controller if: need to sync Azure Key Vault data to a Kubernetes ConfigMap
Installation: How to install Azure Key Vault to Kubernetes (akv2k8s) on Azure AKS