Install Kubernetes Operator
The Infisical Operator is a collection of Kubernetes controllers that streamline how secrets are managed between Infisical and your Kubernetes cluster. It provides multiple Custom Resource Definitions (CRDs) which enable you to:
- Sync secrets from Infisical into Kubernetes (
InfisicalSecret). - Push new secrets from Kubernetes to Infisical (
InfisicalPushSecret). - Manage dynamic secrets and automatically create time-bound leases (
InfisicalDynamicSecret).
Install the latest Helm repository
helm repo add infisical-helm-charts 'https://dl.cloudsmith.io/public/infisical/helm-charts/helm/charts/'
helm repo update
helm install --generate-name infisical-helm-charts/secrets-operatorApplying global configurations
apiVersion: v1
kind: Namespace
metadata:
name: infisical-operator-system
---
apiVersion: v1
kind: ConfigMap
metadata:
name: infisical-config
namespace: infisical-operator-system
data:
hostAPI: https://example.com/api # <-- global hostAPI
tls.caRef.secretName: custom-ca-certificate # <-- global TLS CA secret name
tls.caRef.secretNamespace: default # <-- global TLS CA secret namespace
tls.caRef.key: ca.crt # <-- global TLS CA secret keykubectl apply -f infisical-config.yaml