Use In Projects
Global secrets can be used in projects by creating a project secret that is synchronized by a global secret. This provides a way to manage secret data across many projects.
Create a Project Secret using a Global Secret
When you have a shared secret defined in Loft and wish to use it inside your project, you can configure syncing between a project secret and the shared secret. To configure this, follow these steps:
- Navigate to the Projects view using the menu on the left
- Select the project you'd like to configure using the drop down menu
- Click on Project Secrets
- Click on the button
- Click on my-secret to change the display name for the secret
- Optionally click on Enter a description for this object... to add a description for the secret
- In the Optional: Select a shared secret input, select the shared secret that you wish to sync to the project secret
- Click on the button to save your changes
The global secret's data will be synchronized with the project secret momentarily. Using this configuration, updates to the shared secret will automatically propagate down to the project secret.
Once the project secret has been created, head over to the Secret Sync page to learn how to use the project secret data from a Pod.
Shared Secret Permissions
When creating a project secret that refers to a shared secret you must have permissions to read the shared secret or the request will be denied.