Azure / kubernetes-keyvault-flexvol

Azure keyvault integration with Kubernetes via a Flex Volume
MIT License

Should I manually create the key value instance? #60

Closed eamonnmcevoy closed 5 years ago

eamonnmcevoy commented 5 years ago

Do I need to manually create the key vault before following the start-up guide, or will it be created automatically?

The reason I'm asking is that I came across this tool after watching this video regarding ACS, where the vault seems to be automatically created: https://www.youtube.com/watch?time_continue=57&v=yoiNXPrfMKw

ritazh commented 5 years ago

@eamonnmcevoy For this solution, we expect that you have already created a key vault instance and you have some sensitive content you want to use in your Kubernetes application. The use case this solution addresses is if you already have an enterprise-grade secrets store for managing and storing your application secrets, e.g. Azure Key Vault, and you want Kubernetes to use the same source of truth for secrets, then this project provides a way to retrieve sensitive data from the store into your Kubernetes applications using a volume.

The video you linked describes a different project here: https://github.com/Azure/kubernetes-kms which allows you to use Azure Key Vault as the encryption mechanism for your Kubernetes secrets stored in etcd. If you are using AKS-engine, then we will create the Key Vault instance as one of the resources created to run your cluster.

ritazh commented 5 years ago

Closing this issue for now. @eamonnmcevoy feel free to reopen if you have additional issues or comments.