[FEATURE]: Support K8s secrets as credential store in CSM Authorization Proxy v2

[thikade]

Describe the solution you'd like CSM for Authorization Proxy v2 (tech preview at this moment) introduces a dependency to Hashicorp Vault, which is quite a heavy requirement for production use when you simply want to install the CSI driver and use the CSM Authorization proxy to manage & provision storage volumes.
If Hashicorp Vault is used for storing credentials, why not additionally provide a much simpler backend based on K8s secrets. As an example, the Apache Kafka operator strimzi uses a similar scheme for managing users via the custom resource KafkaUser:

• When the KafkaUser CR is created, the user credentials are created in a K8s secret managed by the operator (using K8s ownerReferences).
• A very similar scheme could be adopted for the management of tenants and their credentials.
• Storage array credentials could also be stored as K8s secrets.
• Credentials are managed and protected by standard RBAC mechanism inside the CSM auth proxy namespace.

This would enable a much simpler and faster adoption & setup of CSM authorization proxy and CSI driver.

Additional context Hashicorp Vault is solid option, especially for envs that already use a vault cluster in production.
Building and operating a vault cluster - especially on premise - is no trivial task, and seems a bit heavy-weight when the goal is to setup the CSI driver for dynamic storage provisioning.

[csmbot]

@thikade: Thank you for submitting this issue!

The issue is currently awaiting triage. Please make sure you have given us as much context as possible.

If the maintainers determine this is a relevant issue, they will remove the needs-triage label and respond appropriately.

---

We want your feedback! If you have any questions or suggestions regarding our contributing process/workflow, please reach out to us at container.storage.modules@dell.com.