PushSecret

The PushSecret is namespaced and specifies how to push secrets to secret stores.

apiVersion: external-secrets.io/v1alpha1
kind: PushSecret
metadata:
  name: pushsecret-example # Customisable
  namespace: default # Same of the SecretStores
spec:
  refreshInterval: 10s # Refresh interval for which push secret will reconcile
  secretStoreRefs: # A list of secret stores to push secrets to
    - name: aws-parameterstore
      kind: SecretStore
  selector:
    secret:
      name: pokedex-credentials # Source Kubernetes secret to be pushed
  data:
    - match:
        secretKey: best-pokemon # Source Kubernetes secret key to be pushed
        remoteRefs:
          - remoteKey: my-first-parameter # Remote reference (where the secret is going to be pushed)