apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: azure-kvname
  namespace: user-microservice
spec:
  provider: azure
  secretObjects:
    - secretName: sqlalchemy-database-uri
      type: Opaque
      data:
        - objectName: sqlalchemy-database-uri
          key: SQLALCHEMY_DATABASE_URI
    - secretName: mysql-password
      type: Opaque
      data:
        - objectName: mysql-password
          key: MYSQL_PASSWORD
    - secretName: mysql-root-password
      type: Opaque
      data:
        - objectName: mysql-root-password
          key: MYSQL_ROOT_PASSWORD
  parameters:
    usePodIdentity: "false"
    useVMManagedIdentity: "true"
    userAssignedIdentityID: "0c2780e4-8594-4aab-8f1a-8a19f71924bd" # client_id of the user-assigned managed identity
    clientID: "0c2780e4-8594-4aab-8f1a-8a19f71924bd"               # client_id of the user-assigned managed identity
    keyvaultName: "dev-aks"
    objects:  |
      array:
        - |
          objectName: sqlalchemy-database-uri
          objectType: secret
        - |
          objectName: mysql-password
          objectType: secret
        - |
          objectName: mysql-root-password
          objectType: secret
    tenantID: "f4e3e6f7-d21c-460e-b201-2192174e7f41"