mittwald/kubernetes-replicator

Asymmetric secret synchronization

jroper opened this issue · 1 comments

If using asymmetric key pair synchronization, i.e., a public and private key, you may only want the public key synchronized to various locations, while the private key should not be synchronized. So for example, service A uses the private key to sign JWTs, and service B needs to use the public key to verify them. To support this, it would be useful if you could specify which keys in the secret data to synchronize.

Can't you just create two distinct secrets for your use case?

The only moment you would really need this feature is if your secret is auto-generated by an external service (e.g. cert-manager) that creates one secret with both the public and private key in the data.
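The two-secret split discussed in this thread, as an added example that is not part of the thread or of kubernetes-replicator: it derives a public-only Secret manifest from a combined one by allowlisting data keys, and refuses to copy any value that decodes to PEM private key material. The function name, secret names, namespace and sample values are constructed for illustration; `tls.crt` and `tls.key` are the data keys of a `kubernetes.io/tls` secret.

```python
import base64

# Every PEM private-key header (PKCS#8, PKCS#1, SEC1, OpenSSH, encrypted)
# ends with this marker.
PRIVATE_MARKER = b"PRIVATE KEY-----"


def public_only_secret(secret, allowed_keys, new_name):
    """Build a new Secret manifest holding only allowed_keys from secret['data'].

    Raises ValueError if an allowed key is missing, or if a value selected
    for copying decodes to PEM private key material.
    """
    data = secret.get("data", {})
    missing = [k for k in allowed_keys if k not in data]
    if missing:
        raise ValueError(f"keys not present in source secret: {missing}")

    kept = {}
    for key in allowed_keys:
        decoded = base64.b64decode(data[key], validate=True)
        if PRIVATE_MARKER in decoded:
            raise ValueError(f"refusing to copy {key!r}: contains a private key")
        kept[key] = data[key]

    return {
        "apiVersion": "v1",
        "kind": "Secret",
        "metadata": {"name": new_name,
                     "namespace": secret["metadata"]["namespace"]},
        "type": "Opaque",
        "data": kept,
    }


def b64_text(text):
    return base64.b64encode(text.encode()).decode()


# Constructed sample: placeholder PEM bodies, not real key material.
SAMPLE = {
    "apiVersion": "v1", "kind": "Secret", "type": "kubernetes.io/tls",
    "metadata": {"name": "jwt-signing", "namespace": "service-a"},
    "data": {
        "tls.crt": b64_text("-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----\n"),
        "tls.key": b64_text("-----BEGIN PRIVATE KEY-----\nBBBB\n-----END PRIVATE KEY-----\n"),
    },
}
```

The derived manifest, not the combined secret, is then the one to mark as a replication source, so the private key never leaves the signing service's namespace.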