aws / secrets-store-csi-driver-provider-aws

The AWS provider for the Secrets Store CSI Driver allows you to fetch secrets from AWS Secrets Manager and AWS Systems Manager Parameter Store, and mount them into Kubernetes pods.
Apache License 2.0

not creating k8s secrets #392

Closed srreddy2020 closed 2 weeks ago

srreddy2020 commented 1 month ago

I have deployed the below Helm charts as DaemonSets in a K8s cluster:

1) secrets-store-csi-driver-1.4.4
2) secrets-store-csi-driver-provider-aws-0.3.9

Instead of mounting the secrets into the Pod, I would like to have k8s native secrets to get secrets from AWS Secrets Manager. When we deploy the StorageProviderClass, it's not creating Secrets. The Pod is stuck with `Error: secret "mysecret-k8s" not found`.

The IAM role is working fine and the storageproviderClass YAML also looks fine, as it's working fine when I add Volume\volumeMounts to the Pod; I am getting secrets from AWS.

Which provider are you using: AWS Secrets Manager

Environment:

Secrets Store CSI Driver version: v1.4.4
Kubernetes version: v1.27

YAML file below:

```yaml
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  namespace: csi-provider
  name: mysecret
spec:
  provider: aws
  secretObjects:
```

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx1
  namespace: csi-provider
spec:
  replicas: 1
  selector:
    matchLabels:
      run: nginx1
  template:
    metadata:
      annotations:
        secrets-store.csi.k8s.io/used: "true"
      labels:
        run: nginx1
    spec:
      containers:
```

Please look into it and let me know if I am missing anything.

simonmarty commented 2 weeks ago

I think https://secrets-store-csi-driver.sigs.k8s.io/topics/sync-as-kubernetes-secret is what you want.

If you have more questions about this, open an issue at https://github.com/kubernetes-sigs/secrets-store-csi-driver

This doesn't look like it is specific to our AWS provider.
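The sync-as-Kubernetes-secret setup that the linked page describes, as an added example that is not part of the thread or the project's own manifests. It reuses the names from the issue (`mysecret`, `mysecret-k8s`, `nginx1`, `csi-provider`); the Secrets Manager secret name `my-app/db-password`, the key `password`, the service account `nginx1-sa` and the mount path are placeholders.

```yaml
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: mysecret
  namespace: csi-provider
spec:
  provider: aws
  parameters:
    objects: |
      - objectName: "my-app/db-password"   # placeholder secret in AWS Secrets Manager
        objectType: "secretsmanager"
  secretObjects:
    - secretName: mysecret-k8s             # Kubernetes Secret the driver creates
      type: Opaque
      data:
        - objectName: "my-app/db-password" # must match an objectName (or objectAlias) above
          key: password                    # key inside the Kubernetes Secret
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx1
  namespace: csi-provider
spec:
  selector:
    matchLabels: {run: nginx1}
  template:
    metadata:
      labels: {run: nginx1}
    spec:
      serviceAccountName: nginx1-sa        # placeholder: account bound to the IAM role
      containers:
        - name: nginx
          image: nginx
          env:
            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysecret-k8s
                  key: password
          volumeMounts:                    # the sync is triggered by this mount
            - name: secrets
              mountPath: /mnt/secrets
      volumes:
        - name: secrets
          csi:
            driver: secrets-store.csi.k8s.io
            readOnly: true
            volumeAttributes:
              secretProviderClass: mysecret
```

The driver creates `mysecret-k8s` only once a pod mounts the CSI volume, and deletes it when no pod uses the volume any more. The driver's Helm chart must also be installed with `syncSecret.enabled=true` so that it has the RBAC permissions to create Secrets.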