Closed m0a0k0s closed 6 years ago
Hello, am I right that an AWS admin has access to all secrets? According to https://github.com/kelseyhightower/vault-controller/blob/master/docs/deployment-guide.md, the root token or admin token is written in a Kubernetes secret:
```
kubectl -n vault-controller \
  create secret generic vault-controller \
  --from-literal "vault_token=3e4a5ba1-kube-422b-d1db-844979cab098"
```
So an AWS admin could read this config from the Kubernetes secret and use the token to read all secrets from Vault?
I've got the answer here https://github.com/Boostport/kubernetes-vault/issues/133