Add new infra architecture

infrastructure/platform/security/encryption/encryption-config.yaml

@@ -0,0 +1,17 @@
+# Kubernetes Secrets Encryption Configuration
+# This file configures encryption at rest for Kubernetes secrets
+# Used by the API server to encrypt secret data stored in etcd
+
+apiVersion: apiserver.config.k8s.io/v1
+kind: EncryptionConfiguration
+resources:
+  - resources:
+      - secrets
+    providers:
+      - aescbc:
+          keys:
+            - name: key1
+              # 32-byte (256-bit) AES key encoded in base64
+              # Generated using: openssl rand -base64 32
+              secret: 62um3zP5aidjVSIB0ckAxF/Ms8EDy/Z8LyMGTdMuoSM=
+      - identity: {}