Closed cheruvu1 closed 1 year ago
Integrating Azure Key Vault with AKS requires an add-on called azure-keyvault-secrets-provider.
1) There are two pieces to this add-on. One is the Secrets Store CSI Driver for Kubernetes secrets, which integrates secrets stores with Kubernetes via a Container Storage Interface (CSI) volume.
The Secrets Store CSI Driver secrets-store.csi.k8s.io allows Kubernetes to mount multiple secrets, keys, and certs stored in enterprise-grade external secrets stores into their pods as a volume. Once the Volume is attached, the data in it is mounted into the container’s file system.
2) The second is the Azure Key Vault Provider for Secrets Store CSI Driver which allows for the integration of an Azure key vault with an Azure Kubernetes Service (AKS) cluster.
3) Access between the AKS cluster and the key vault is secured using a user-assigned managed identity.
Code changes completed to enable the add-on azureKeyvaultSecretsProvider. This add-on also installs the CSI drivers required for AKS to Key Vault connectivity.
Other changes are required for an end-to-end AKS and KeyVault integration solution, creating separate user stories.
Pull request created: Enable key_vault_secrets_provider story changes #30
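The three pieces listed in this issue, sketched as a stand-alone Terraform configuration. This is an added example, not the code from this module or from pull request #30; all resource names, the location and the VM size are placeholder assumptions, and it uses a Key Vault access policy (rather than Azure RBAC) to grant the add-on's identity read-only access to secrets.

```hcl
# Added example: every name, location and size below is a placeholder.
provider "azurerm" {
  features {}
}

data "azurerm_client_config" "current" {}

resource "azurerm_resource_group" "example" {
  name     = "rg-aks-kv-example"
  location = "westeurope"
}

resource "azurerm_kubernetes_cluster" "example" {
  name                = "aks-example"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  dns_prefix          = "aksexample"

  default_node_pool {
    name       = "system"
    node_count = 1
    vm_size    = "Standard_DS2_v2"
  }

  identity {
    type = "SystemAssigned"
  }

  # Enables the azure-keyvault-secrets-provider add-on, which installs the
  # Secrets Store CSI Driver and the Azure Key Vault provider on the cluster.
  key_vault_secrets_provider {
    secret_rotation_enabled = true
  }
}

resource "azurerm_key_vault" "example" {
  name                = "kv-aks-example"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  tenant_id           = data.azurerm_client_config.current.tenant_id
  sku_name            = "standard"
}

# Least privilege: the add-on's user-assigned identity may only read secrets.
resource "azurerm_key_vault_access_policy" "csi_driver" {
  key_vault_id       = azurerm_key_vault.example.id
  tenant_id          = data.azurerm_client_config.current.tenant_id
  object_id          = azurerm_kubernetes_cluster.example.key_vault_secrets_provider[0].secret_identity[0].object_id
  secret_permissions = ["Get"]
}
```

Pods still need a SecretProviderClass and a CSI volume that reference this vault and the identity's client ID before any secret is mounted; that part is outside this sketch.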