

Kops create secret encryptionconfig

kops create secret encryptionconfig

Create an encryption config.

Synopsis

Create a new encryption config, and store it in the state store. Used to configure encryption-at-rest by the kube-apiserver process on each of the master nodes. The config is not updated by this command.

kops create secret encryptionconfig [flags]

Examples

  # Create a new encryption config.
  kops create secret encryptionconfig -f config.yaml \
  --name k8s-cluster.example.com --state s3://example.com
  # Create a new encryption config via stdin.
  generate-encryption-config.sh | kops create secret encryptionconfig -f - \
  --name k8s-cluster.example.com --state s3://example.com
  # Replace an existing encryption config secret.
  kops create secret encryptionconfig -f config.yaml --force \
  --name k8s-cluster.example.com --state s3://example.com

Options

  -f, -- string   Path to encryption config yaml file
      --force     Force replace the kops secret if it already exists
  -h, --help      help for encryptionconfig

Options inherited from parent commands

      --add_dir_header                   If true, adds the file directory to the header
      --alsologtostderr                  log to standard error as well as files
      --config string                    yaml config file (default is $HOME/.kops.yaml)
      --log_backtrace_at traceLocation   when logging hits line file:N, emit a stack trace (default :0)
      --log_dir string                   If non-empty, write log files in this directory
      --log_file string                  If non-empty, use this log file
      --log_file_max_size uint           Defines the maximum size a log file can grow to. Unit is megabytes. If the value is 0, the maximum file size is unlimited. (default 1800)
      --logtostderr                      log to standard error instead of files (default true)
      --name string                      Name of cluster. Overrides KOPS_CLUSTER_NAME environment variable
      --skip_headers                     If true, avoid header prefixes in the log messages
      --skip_log_headers                 If true, avoid headers when opening log files
      --state string                     Location of state storage (kops 'config' file). Overrides KOPS_STATE_STORE environment variable
      --stderrthreshold severity         logs at or above this threshold go to stderr (default 2)
  -v, --v Level                          number for the log level verbosity
      --vmodule moduleSpec               comma-separated list of pattern=N settings for file-filtered logging

SEE ALSO

• kops create secret - Create a secret.