Jorge
Reputation: 1453
Kubernetes secret programmatically update
Is there a way to programmatically update a kubernetes secret from a pod? that is, not using kubectl. I have a secret mounted on a pod and also exposed via an environment variable. I would like to modify it from my service but it looks that it's read only by default.
Upvotes: 2
Views: 2064
Answers (1)
Kanadaj
Reputation: 991
You can use the Kubernetes REST API with the pod's serviceaccount's token as credentials (found at /var/run/secrets/kubernetes.io/serviceaccount/token inside the pod), you just need to allow the service account to edit secrets in the namespace via a role.
See Secret for the API docs
The API server is internally reachable via https://kubernetes.default
Upvotes: 2
Related Questions
- Update kubernetes secrets doesn't update running container env vars
- Kubernetes: modify a secret using kubectl?
- How to update secret with "kubectl patch --type='json'"
- Update k8s ConfigMap or Secret without deleting the existing one
- How can I update a secret on Kubernetes when it is generated from a file?
- Create or edit Kubernetes secret from a job
- kubernetes update secrets using imperative commands
- Attaching secret to running pod
- Change the secret a Kubernetes deployment expects
- Updating a Pod with its Secret