HuaweiCloud Cloud Secret Management Service (CSMS)

Detailed information on the HuaweiCloud Cloud Secret Management Service (CSMS) - secret store component

Component format

To setup HuaweiCloud Cloud Secret Management Service (CSMS) secret store create a component of type secretstores.huaweicloud.csms. See this guide on how to create and apply a secretstore configuration. See this guide on referencing secrets to retrieve and use the secret with Dapr components.

  1. apiVersion: dapr.io/v1alpha1
  2. kind: Component
  3. metadata:
  4.   name: huaweicloudcsms
  5. spec:
  6.   type: secretstores.huaweicloud.csms
  7.   version: v1
  8.   metadata:
  9.   - name: region
  10.     value: "[huaweicloud_region]"
  11.   - name: accessKey 
  12.     value: "[huaweicloud_access_key]"
  13.   - name: secretAccessKey
  14.     value: "[huaweicloud_secret_access_key]"

Warning

The above example uses secrets as plain strings. It is recommended to use a local secret store such as Kubernetes secret store or a local file to bootstrap secure key storage.

Spec metadata fields

FieldRequiredDetailsExample
regionYThe specific region the HuaweiCloud CSMS instance is deployed in“cn-north-4”
accessKeyYThe HuaweiCloud Access Key to access this resource“accessKey”
secretAccessKeyYThe HuaweiCloud Secret Access Key to access this resource“secretAccessKey”

Optional per-request metadata properties

The following optional query parameters can be provided when retrieving secrets from this secret store:

Query ParameterDescription
metadata.version_idVersion for the given secret key.

Setup HuaweiCloud Cloud Secret Management Service (CSMS) instance

Setup HuaweiCloud Cloud Secret Management Service (CSMS) using the HuaweiCloud documentation: https://support.huaweicloud.com/intl/en-us/usermanual-dew/dew\_01\_9993.html.