Skip to content

Commit

Permalink
Merge pull request #750 from SomtochiAma/kms-docs
Browse files Browse the repository at this point in the history 
Update guide for mozilla sops
  • Loading branch information
@stefanprodan
stefanprodan authored Jan 20, 2021
2 parents 81f6815 + 5f75920 commit 38468c7
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion docs/guides/mozilla-sops.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -106,7 +106,8 @@ secrets by iterating over all the private keys until it finds one that works.

### Using various cloud providers

When using AWS/GCP KMS, you'll have to bind an IAM Role with access to the KMS
When using AWS/GCP KMS, you don't have to include the gpg `secretRef` under
`spec.provider` (you can skip the `--decryption-secret` flag when running `flux create kustomization`), instead you'll have to bind an IAM Role with access to the KMS
keys to the `default` service account of the `flux-system` namespace for
kustomize-controller to be able to fetch keys from KMS.

Expand Down

0 comments on commit 38468c7

Please sign in to comment.