Creates a Secret in a namespace.
Debugging
Request headers
This operation uses only common request headers and does not have operation-specific request headers. For more information, see Common request and response headers.
Request syntax
POST /pop/v1/sam/secret/secret HTTP/1.1
Request parameters
Parameter | Type | Position | Required | Example | Description |
NamespaceId | String | Query | Yes | cn-beijing:test | The ID of the namespace in which you want to create a Secret. If the namespace is the default namespace, specify only the corresponding region ID. Example: cn-beijing. |
SecretName | String | Query | Yes | registry-auth-acree | The Secret name. The name can contain digits, letters, and underscores (_). The name must start with a letter. |
SecretType | String | Query | Yes | kubernetes.io/dockerconfigjson | The supported Secret type. Valid value:
|
Object | Body | Yes | The information about the Secret. | ||
SecretData | String | Body | Yes | {".dockerconfigjson":"eyJhdXRocyI6eyJyZWdpc3RyeS12cGMuY24tYmVpamluZy5hbGl5dW5jcy5jb20iOnsidXNlcm5hbWUiOiJ1c2VybmFtZSIsInBhc3N3b3JkIjoicGFzc3dvcmQiLCJhdXRoIjoiZFhObGNtNWhiV1U2Y0dGemMzZHZjbVE9In0sInJlZ2lzdHJ5LmNuLWJlaWppbmcuYWxpeXVuY3MuY29tIjp7InVzZXJuYW1lIjoidXNlcm5hbWUiLCJwYXNzd29yZCI6InBhc3N3b3JkIiwiYXV0aCI6ImRYTmxjbTVoYldVNmNHRnpjM2R2Y21RPSJ9fX0="} | The information about the key-value pairs of the Secret. You must configure this parameter. Format: {"Data":"{\"k1\":\"v1\", \"k2\":\"v2\"}"} k specifies a key and v specifies a value. For more information, see Manage a Kubernetes Secret. |
Example : Use a username and password to pull an image from Container Registry over an internal network across accounts
Specify the public domain name and internal domain name.
Configure the username, password, and auth fields to prevent authentication failure. The format of auth is
base64Encode($username:$password)
.
The following code describes the default formats of the field values:
SecretData[".dockerconfigjson"]=base64Encode(
{
"auths": {
"registry-vpc.cn-beijing.aliyuncs.com": { // $internal domain name
"username": "username",
"password": "password",
"auth": "dXNlcm5hbWU6cGFzc3dvcmQ="
},
"registry.cn-beijing.aliyuncs.com": { // $public domain name
"username": "username", // $username
"password": "password", // $password
"auth": "dXNlcm5hbWU6cGFzc3dvcmQ=" // base64Encode($username:$password)
}
}
} )
Response parameters
Parameter | Type | Example | Description |
RequestId | String | 91F93257-7A4A-4BD3-9A7E-2F6EAE6D**** | The request ID. |
Message | String | success | The returned message. |
TraceId | String | 0a98a02315955564772843261e**** | The trace ID that is used to query the details of the request. |
Data | Object | The returned result. | |
SecretId | Long | 16 | The ID of the created Secret. |
ErrorCode | String | Null | The error code. Valid values:
|
Code | String | 200 | The HTTP status code. Valid values:
|
Success | Boolean | true | Indicates whether the Secret was created. Valid values:
|
Examples
Sample requests
POST /pop/v1/sam/secret/secret?NamespaceId=cn-beijing:test&SecretName=registry-auth-acree&SecretType=kubernetes.io/dockerconfigjson HTTP/1.1
Host:sae.aliyuncs.com
Content-Type:application/json
{
"SecretData" : "{\".dockerconfigjson\":\"eyJhdXRocyI6eyJyZWdpc3RyeS12cGMuY24tYmVpamluZy5hbGl5dW5jcy5jb20iOnsidXNlcm5hbWUiOiJ1c2VybmFtZSIsInBhc3N3b3JkIjoicGFzc3dvcmQiLCJhdXRoIjoiZFhObGNtNWhiV1U2Y0dGemMzZHZjbVE9In0sInJlZ2lzdHJ5LmNuLWJlaWppbmcuYWxpeXVuY3MuY29tIjp7InVzZXJuYW1lIjoidXNlcm5hbWUiLCJwYXNzd29yZCI6InBhc3N3b3JkIiwiYXV0aCI6ImRYTmxjbTVoYldVNmNHRnpjM2R2Y21RPSJ9fX0=\"}"
}
Sample success responses
XML
format
HTTP/1.1 200 OK
Content-Type:application/xml
<CreateSecretResponse>
<RequestId>91F93257-7A4A-4BD3-9A7E-2F6EAE6D****</RequestId>
<Message>success</Message>
<TraceId>0a98a02315955564772843261e****</TraceId>
<Data>
<SecretId>16</SecretId>
</Data>
<Code>200</Code>
<Success>true</Success>
</CreateSecretResponse>
JSON
format
HTTP/1.1 200 OK
Content-Type:application/json
{
"RequestId" : "91F93257-7A4A-4BD3-9A7E-2F6EAE6D****",
"Message" : "success",
"TraceId" : "0a98a02315955564772843261e****",
"Data" : {
"SecretId" : 16
},
"Code" : "200",
"Success" : true
}
Error codes
HTTP status code | Error code | Error message | Description |
400 | InvalidParameter.NotEmpty | You must specify the parameter %s. | The value of the %s parameter is invalid. This parameter cannot be left empty. |
400 | InvalidParameter.Obviously | The specified parameter is invalid {%s}. | The value of the {%s} parameter is invalid. |
400 | InvalidParameter.WithMessage | The parameter is invalid {%s}: %s | The value %s of the {%s} parameter is invalid. |
400 | SecretNameConflict.AlreadyExist | The specified SecretName [%s] already exist in this namespace. | The specified Secret name already exists in the current namespace. |
400 | QuotaExceeded.SecretInNamespace | The specified secret exceeded quota [%s]. | The number of Secrets exceeds the upper limit [%s]. |
400 | QuotaExceeded.SecretDataKey | The specified key in SecretData exceeded quota [%s]. | The number of Secret fields exceeds the upper limit [%s]. |
400 | InvalidSecretType.NotAvailable | The specified SecretType [%s] is not supported. | The specified Secret type is not supported. |
400 | InvalidSecretDataKey.NotFound | The specified Key [%s] does not exist in the specified Secret [%s]. | The specified Secret key does not exist in the current Secret [%s]. |
404 | InvalidNamespaceId.NotFound | The specified NamespaceId does not exist. | The specified namespace ID does not exist. |
500 | OperationFailed.RPCError | Internal RPC request processing error. | The system failed to process an internal RPC request. |
For a list of error codes, see Service error codes.