OmpahDev closed this 1 year ago
@tdevopsottawa I'm not sure if external secrets supports workload identity, so this would be a question for the external secrets authors. I would recommend opening an issue here.
Multiple user assigned identities exist, please specify the clientId / resourceId of the identity in the token request
That is an error message using managed identities without workload identity, so please open an issue in the external secrets repo so they can validate your config and provide a recommendation.
I have a service account connected via OIDC to a service account and it works like a charm when used for the external secrets operator:
I can then use that external secret to fetch keys from the keyvault, no problem. Works fine. But when I try to have a deployment run as the service account so it can connect to the keyvault API, like this:
the application fails to connect to the keyvault and throws the error:
How do I get this to work?