DEVHIDE
Login Or Sign up

Kubernetes secret csi driver restrict secrets in pod

185 Views Asked by At

I am using Kubernetes CSI Secret store driver to connect my AKS to my Keyvault. When mounting my the class inside my pods, the volume contains all the secrets (specified in the class yaml). These secrets are now handed over to different apps, yet I do not want all apps to always mount all secrets referenced in the class but rather select distinct secrets on volume level

Is there a way to prevent that like with regular secrets?

Pod excerpt:

        - name: secrets-provider-volume
          mountPath: /etc/.secrets
          readOnly: true
...
      - name: secrets-provider-volume
        csi:
          driver: secrets-store.csi.k8s.io
          readOnly: true
          volumeAttributes:
            secretProviderClass: secretcls

I am looking for something similar to this: https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#project-secret-keys-to-specific-file-paths

kubernetes kubernetes-secrets csi-driver
Original Q&A
0

There are 0 best solutions below

Related Questions in KUBERNETES

Related Questions in KUBERNETES-SECRETS

Related Questions in CSI-DRIVER

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.