superluminar-io / super-eks

super-eks is a CDK construct that provides a preconfigured EKS installation with batteries included.
Apache License 2.0

Add Admission Controller to enforce Namespace Annotations for External Secrets #388

Open skomp opened 2 years ago

skomp commented 2 years ago

We don't currently set any namespace annotations for external secrets but should provide a sensible default.

Use Case

When adding a namespace, we should automatically add a namespace annotation for external secrets with a proper scope to a path in the AWS Secrets Manager.

Proposed Solution

Implement an admission controller that, whenever a namespace is created, attaches an annotation for external secrets and also checks that no more external secrets annotations are added. For instance, when creating namespace a, it would attach an external secrets annotation to give access to secrets with the prefix /k8s/a/.* as well as an annotation allowing for global secrets, e.g., /k8s/global/.*.

Other

This might serve as an inspiration: https://aws.amazon.com/blogs/containers/building-serverless-admission-webhooks-for-kubernetes-with-aws-sam/


This is a :rocket: Feature Request
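A sketch of the admission logic proposed above, as an added example that is not part of the original issue or of super-eks. It assumes the cluster runs kubernetes-external-secrets and uses its `externalsecrets.kubernetes-client.io/permitted-key-name` namespace annotation, folds the per-namespace and global prefixes into one regex, and goes beyond the issue by also handling UPDATE; `reviewNamespace`, `scopeFor` and the interface names are hypothetical.

```typescript
// Added example; every name here is an assumption, not super-eks code.
// Assumed key: the namespace annotation kubernetes-external-secrets reads.
const KEY = "externalsecrets.kubernetes-client.io/permitted-key-name";

// Namespace names are DNS-1123 labels, so they carry no regex metacharacters.
const scopeFor = (ns: string): string => `/k8s/(${ns}|global)/.*`;

interface AdmissionRequest {
  uid: string;
  operation: string; // CREATE, UPDATE, DELETE, CONNECT
  name?: string; // unset when the client relied on generateName
  object?: { metadata: { name?: string; annotations?: Record<string, string> } };
}
interface AdmissionResponse {
  uid: string;
  allowed: boolean;
  status?: { code: number; message: string };
  patchType?: "JSONPatch";
  patch?: string; // base64-encoded JSON Patch
}

function reviewNamespace(req: AdmissionRequest): AdmissionResponse {
  const allow: AdmissionResponse = { uid: req.uid, allowed: true };
  const deny = (message: string): AdmissionResponse =>
    ({ uid: req.uid, allowed: false, status: { code: 403, message } });

  const relevant = req.operation === "CREATE" || req.operation === "UPDATE";
  if (!req.object || !relevant) return allow;
  const ns = req.object.metadata.name || req.name;
  // Fail closed: without a final name the scope cannot be computed.
  if (!ns) return deny("namespace needs an explicit name");

  const expected = scopeFor(ns);
  const annotations = req.object.metadata.annotations;
  const current = annotations?.[KEY];
  // A caller-supplied scope other than the computed one is rejected.
  if (current !== undefined && current !== expected)
    return deny(`${KEY} must be ${expected}`);
  if (current === expected) return allow;

  // Annotation missing: add it, creating the annotations map when absent.
  const escaped = KEY.replace(/~/g, "~0").replace(/\//g, "~1"); // RFC 6901
  const ops = annotations
    ? [{ op: "add", path: `/metadata/annotations/${escaped}`, value: expected }]
    : [{ op: "add", path: "/metadata/annotations", value: { [KEY]: expected } }];
  const patch = Buffer.from(JSON.stringify(ops)).toString("base64");
  return { ...allow, patchType: "JSONPatch", patch };
}
```

The webhook handler would wrap the returned object as `response` in an `AdmissionReview` with `apiVersion: admission.k8s.io/v1`. Registering the same check as a validating webhook as well covers annotations changed by mutating webhooks that run later.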

github-actions[bot] commented 2 years ago

This issue is now marked as stale because it hasn't seen activity for a while. Add a comment or it will be closed soon.

github-actions[bot] commented 2 years ago

Closing this issue as it hasn't seen activity for a while. Please add a comment @mentioning a maintainer to reopen.