20 questions
-1
votes
1
answer
45
views
GCP not-secrets manager
Handling secrets within GCP is easy, Secrets Manager.
We, like probably many many others, generate secret values (terraform mostly for us) and store them in GCP Secrets Manager for consumption by ...
0
votes
1
answer
369
views
Google Secret Manager with GKE and external secrets error: could not get idbindtoken
I'm in the process of moving to secret manager with external secrets operator in our GKE Standard Cluster.
I have been getting the below error and I am struggling to see why this is happening:
failed ...
- 704
0
votes
0
answers
79
views
How to access secrets locally (Replicate external secret Operator)
This is a more open-ended question but I hope it is allowed here. I am currently tasked with replacing the Jasypt library which we use to decrypt secrets in our applications. For now the course of ...
- 718
0
votes
1
answer
403
views
External Secrets unable to read plain text
Hi I have an external Secrets created that I want to read the secrets from SSM Parameter.
However this secrets are stored as string rather than JSON format.
I'm getting this error:
unable to ...
- 731
0
votes
0
answers
91
views
External Secrets Operator minimal RBAC
I am installing External Secrets Operator (ESO) into EKS cluster.
My goal is to give as little privileges to the operator as possible, preferably limited to a namespace.
The ESO official docs mention ...
- 195
0
votes
0
answers
100
views
How to deploy ExternalSecret using Flux + Helm?
I have
Kubernetes (EKS) version 1.30
Flux v2
external-secrets latest version installed using the Flux guide
I don't understand how to integrate external-secret with ExternalSecret built using Helm.
...
- 381
1
vote
1
answer
557
views
How to pull certificate from key vault using external secrets in AKS?
Using external-secrets I am able to pull secrets from key vault but not certificates . I have imported the certificate pfx file wildcard-poc-abc-com.pfx as a certificate with name wildcard-poc-abc-com....
- 11
1
vote
1
answer
2k
views
How can I use External Secrets Operator to copy Kubernetes secrets from one namespace to another?
I'm using External Secrets Operator to copy secrets from external providers into Kubernetes secrets, and it works great for that.
Now I'd like to copy (& synchronize) a secret from one Kubernetes ...
- 131
0
votes
1
answer
1k
views
I've set up External Secrets on an AKS Cluster, pointed to an Azure Key Vault, but my ExternalSecrets won't sync
I'm trying to integrate AKS with Key Vault using the External Secrets operator. I've set up the operator itself using the Helm chart, and I've created a SecretStore resource pointed at a Vault (we'll ...
0
votes
0
answers
994
views
Kubernetes external secret "cannot read secret data from Vault: Error making API request" 403
I'm trying to integrate my AKS cluster with my Hashicorp vault by following the countless examples online which all seem very straight forward. However, I can't seem to get around the 403 error on the ...
- 347
0
votes
0
answers
1k
views
External Secrets Operator fails to create External Secrets due to certificate issue on Webhook deployment
Describe the bug
Once, all three deployments for External Secrets Operator are successfully running in external-secrets namespace. The ClusterSecretStore is also successfully configured and the ...
- 306
0
votes
1
answer
521
views
How to replace dash to underscore in key name on External Secrets for azure key vaults
When fetching keys from azure key vault to kubernetes with External secrets, it saved with the same name that was provided in AKV, but AKV doesn't support underscores in key names. Is there an option ...
- 119
-1
votes
1
answer
995
views
Can I define secretStoreRef's name of a ExternalSecret in my configMap?
I have an ExternalSecret definition pulling secrets from Azure key vault.
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
name: my-es
spec:
dataFrom:
- find:
... copy some ...
- 1,133
3
votes
1
answer
1k
views
Create multiple targets using external secret operator AWS
I have multiple secrets in the AWS secrets manager.
I am using an external secret operator to sync them to Kubernetes secrets.
Using external secrets, I can create Kubernetes secrets in my cluster, ...
- 793
0
votes
1
answer
558
views
How to prevent external-secrets-operator from modifying k8s secrets when it has trouble with the Vault backend?
We're using the latest external secrets operator from external-secrets.io to get secrets from Vault and inject them into kubernetes. We had a situation where a Vault KV engine was upgraded from v1 to ...
- 2,853
1
vote
1
answer
5k
views
External secret is not working on kubernetes
I have implemented external secrets to fetch values from azure key vault in kubernetes cluster. It worked fine for two environments but in third environment it is not working. It created secret store ...
- 61
1
vote
1
answer
410
views
Kong plugin store value in Kubernetes secret
I have this KongPlugin on Kubernetes
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
config:
remove:
headers:
- Authorization
append:
headers:
- Authorization:Basic <...
- 93
0
votes
2
answers
515
views
function "pkcs12cert" not defined for externsecrets in helm chart
I am trying to create tls secrets using Externalsecret and yaml file is created as below.
apiVersion: external-secrets.io/v1alpha1
kind: ExternalSecret
metadata:
name: pgbouncer-serv
spec:
...
- 63
3
votes
1
answer
11k
views
"secret not found" reported by ExternalSecret
I have been struggling with this issue for the past 2 days and I'm stuck. I'm using External Secrets Operator to obtain secrets from Vault: https://external-secrets.io/
It seems ExternalSecret is not ...
- 71
2
votes
0
answers
4k
views
external secrets operator: InvalidProviderConfig
Summary
My SecreteStore and ServiceAccount are in the same namespace
ServiceAccount has a trust relationship with AWS SecretsManager
But In ArgoCD, I see myapp (a cronjob) is degraded
The error ...
- 4,630