search

Azure / kubernetes-keyvault-flexvol

Azure keyvault integration with Kubernetes via a Flex Volume
MIT License
253 stars 83 forks source link

Periodically reload KeyVault secrets/certs #146

Open recao opened 4 years ago

recao commented 4 years ago

Describe the request As Azure KeyVault is pushing ECR (emergency certificate rotation) https://aka.ms/ecr, it requires services to periodically fetch the latest KeyVault secrets/certs and update accordingly. For AKS microservices, it would be GREAT to have FlexVolume supporting reload KeyVault periodically.

Explain why Key Vault FlexVolume needs it Support of refreshing expired/revoked certificates.

Describe the solution you'd like An config of "refresh rate X" which reloads AKV every X mins.

Describe alternatives you've considered Other ideas of supporting periodically reload secrets/certs

Additional context

srinisudharsan commented 4 years ago

Would it be possible to include this request in the csi secret store project as well