The External Secrets Operator is a Kubernetes operator that integrates with external secret management systems, for example, Google Secrets Manager and Hashicorp Vault. It reads information from external APIs and automatically injects the values into a Kubernetes secret.
Tanzu Application Platform (commonly known as TAP) uses the External Secrets Operator to simplify Kubernetes secret life cycle management. The external-secrets
plug-in, which is available in the Tanzu CLI, interacts with the External Secrets Operator API. Users can use this CLI plug-in to create and view External Secrets Operator resources on a Kubernetes cluster.
External Secrets Operator is available in Tanzu Application Platform packages with a Carvel Package named external-secrets.apps.tanzu.vmware.com
. It is not part of any installation profile.
To learn more about managing secrets with External Secrets in general, see the official External Secrets Operator documentation. For installing the External Secrets Operator and the CLI plug-in see the following documentation. Also, see the example integration of External-Secrets with Hashicorp Vault.