Moritz Johner

An ExternalSecret is namespaced and creates secrets only in the very same namespace. You can however use a ClusterExternalSecret that allows you to distribute/create secrets across one or more namespaces...

Hey @nazarewk thank you for the research, i think we can re-use sessions in `pkg/provider/aws/auth` by storing them in a `map[string]*session.Session`. The lookup key can be the store's `{namespace}/{name}`. That...

I believe this can be closed; feature has been implemented.

Vault has cert auth: https://external-secrets.io/v0.5.3/spec/#external-secrets.io/v1beta1.VaultCertAuth Does that work for you? I realized this is missing on the provider docs

hey @mezzofix i got it to work with this, could you try this out? ```yaml apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: name: example spec: refreshInterval: 1m secretStoreRef: name: example-secret-store kind: SecretStore...

Hey @alexander-rondon, when using an ExternalSecret in a helm chart you must escape the template functions! The above example would look like this when used in a helm chart: ```yaml...

Is there anything left to do, can we close this one out?

Hey! A simple assume role should be supported with all authenticatiom mechanisms. But role jumping (chaining multiple assume-role calls) is not supported currently.

> ExternalizedSecret There's too much character overlap with `ExternalSecret` and will cause confusion IMO. When imagining talking about the differences between the two it will be hard to understand. I...

What `role-arn` annotation does that `ServiceAccount` have? Is it `arn:aws:sts::xxxxx:role/k8s-ui-apps/external-secrets-provider-aws` ? Does that IAM Role trust that kubernetes service account in that particular namespace? From the error message it very...