Comments (2)
Hi @patpicos. To answer your question literally, the answer is yes. You define one AzureKeyVaultSecret definition per Azure Key Vault Secret, and each of your definitions can point to different Key Vaults.
As for auth, the default auth is using the built in AKS identity, meaning this will need access to all your Key Vaults in question.
If your question is about limiting access to Azure Key Vaults per individual namespaces, the answer is no. That is however something we're looking into, so an example of your use case would be nice.
Thanks.
from azure-key-vault-to-kubernetes.
We are using one key vault per application in own namespace and also 1 key vault per aks cluster.
from azure-key-vault-to-kubernetes.
Related Issues (20)
- [Question] Why is the length of env var names limited?
- [BUG] INFO-level logs are sent to the wrong stream HOT 1
- [BUG] Custom annotations and labels on secret is cleared on update HOT 1
- [BUG] http: panic serving: runtime error: invalid memory address or nil pointer dereference HOT 2
- [BUG] Regression in 1.6.0 Prevents Usage of Custom Registries and/or imagePullSecrets HOT 2
- [BUG] copy-azurekeyvault-env container gets default CPU requests of 50m
- ArgoCD sync akv2k8 envinjector deploy on every single commit.
- What Is The Polling Period for KeyVault Secrets
- [Question] When will a version that resolves https://github.com/advisories/GHSA-45x7-px36-x8w8 be released? HOT 1
- Use separate federated credential for each application
- Vulnerabilities found in akv2k8s images
- [BUG] Permission error when deploying to Openshift 4.14.14 HOT 2
- [BUG] OwnerReferences block disappearing after few hours
- [BUG] Env-Injector with Workload Identity does not work without proxy sidecar annotation
- [BUG] Controller outputs key vault keys as binary data, not a usable string
- Cannot schedule pod unrelated to akv2k8s - certificate signed by unknown authority HOT 1
- [BUG] Transform not working for Multi Key Value Secret
- [BUG] AKVS not removing any keys/values deleted in Key Vault after sync
- [BUG] CVE-2024-5535 Vulnerability in the controller latest image
- [BUG] Getting "mapping values are not allowed in this context" with multi-key-value-secret
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azure-key-vault-to-kubernetes.