-
Notifications
You must be signed in to change notification settings - Fork 467
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Failure when injecting a dynamic key pair into a k8s secret #1595
Comments
Thank you for your contribution! This issue has been automatically marked as |
This issue has been marked |
Issue:
When using a dynamic service like AWS Engine in Vault, the key pairs do not match, leading to a bad set of credentials. The issue is caused due to the webhook making separate calls to the AWS Engine (and generating two separate key pairs) for the access key and secret key, resulting in a set of non-matching keys.
Values Example:
vault:aws/creds/my-role#access_key
vault:aws/creds/my-role#secret_key
Using AWS Engine: https://banzaicloud.com/docs/bank-vaults/external-configuration/secrets-engines/#aws
Expected result:
When the webhook reaches out to inject values into a k8s secret, the values are added from a single request to the AWS Engine.
/kind bug
The text was updated successfully, but these errors were encountered: