kustomize-controller icon indicating copy to clipboard operation
kustomize-controller copied to clipboard

Published 20 hours ago verified publisher icon fluxcd

Hashicorp Vault AppRole with SOPS

Open nxzqio opened this issue 2 years ago • 0 comments

In this documentation the only available authentication is a Vault Token.

The issue with a Vault Token is it's intended to be short-lived, it can be renewed but by an outside process which is harder at scale.

Ideally we should be able to use the Vault AppRole Engine, so we pass in a Role-ID and a Secret-ID (Normally as a secret), which is used to obtain a short lived token for the transaction.

Documentation

Vault AppRole

Flux with SOPs and Hashicorp Vault

external-secrets.io using AppRole authentication with Vault

nxzqio avatar Jul 07 '22 11:07 nxzqio