The main difference between a ClusterExternalSecret and an ExternalSecret is that a ClusterExternalSecret is a cluster-wide ExternalSecret that can be used to push an ExternalSecret to all namespaces in the cluster. An ExternalSecret is a namespaced resource that can only be used to push an ExternalSecret to a single namespace.
Another difference is that a ClusterExternalSecret can use a namespaceSelector to select specific namespaces to push the ExternalSecret to. An ExternalSecret does not have a namespaceSelector, so it will be pushed to all namespaces in the cluster by default.
Here is a table that summarizes the key differences between ClusterExternalSecrets and ExternalSecrets:
| Feature | ClusterExternalSecret | ExternalSecret |
|---|---|---|
| Scope | Cluster-wide | Namespaced |
| NamespaceSelector | Yes | No |
| Use cases | Pushing a single ExternalSecret to all namespaces in the cluster | Pushing a single ExternalSecret to a specific namespace |
Here are some examples of when you might use a ClusterExternalSecret:
- To push a database password to all namespaces in the cluster.
- To push an API key to all namespaces in the cluster.
- To push a certificate to all namespaces in the cluster.
Here are some examples of when you might use an ExternalSecret:
- To push a database password to a specific namespace.
- To push an API key to a specific namespace.
- To push a certificate to a specific namespace.
- DevOps Certified Professionals (DCP)
- Site Reliability Engineering Certified Professionals (SRECP)
- Master in DevOps Engineering (MDE)
- DevSecOps Certified Professionals (DSOCP)
URL - https://www.devopsschool.com/certification/
My Linkedin - https://www.linkedin.com/in/rajeshkumarin
- What is Mobile Virtual Network Operator? - April 18, 2024
- What is Solr? - April 17, 2024
- Difference between UBUNTU and UBUNTU PRO - April 17, 2024
