To inject a secret directly into a Kubernetes cluster using the Segura® platform, you need to send an HTTP POST request to the specific endpoint, authenticating with an authorization token. Below is an example request and the expected response:
Request
- Endpoint:
POST /api/v4/injection/k8s-secret - Authorization:
Bearer {token}
Request Payload
{
"cluster_name": "prod-cluster",
"namespace": "app-prod",
"secret_name": "db-credentials",
"secret_type": "Opaque",
"data": {
"DB_USER": "produser",
"DB_PASS": "S3cure!R0t4t3d!Value"
},
"trigger_type": "rotation"
}
This request indicates that a secret named db-credentials is being injected into the Kubernetes cluster named prod-cluster, within the app-prod namespace. The secret type is Opaque and contains the credentials DB_USER and DB_PASS. The trigger_type field indicates that the injection is being performed due to a secret rotation.
Response
- Status Code:
200 OK
Response Body
{
"status": "success",
"message": "Secret injected and Kubernetes Secret updated.",
"timestamp": "2025-05-28T14:05:00Z"
}
The response confirms that the secret was successfully injected and that the Kubernetes Secret object was updated. The message indicates the success of the operation and the timestamp shows when the action was performed.