1 Answer
- Newest
- Most votes
- Most comments
0
The ASCP CSI Driver is the secure and supported way to pull secrets into your pod. If you treat your secrets as JSON they can be placed on disk in the container and parsed by your application code at startup. If you're just using Docker run, as you mentioned, locally for development you could volume mount a similar file into place from your local disk. This way the application code works the same way in either case.
If you already have OIDC integrated, then you only need to install the driver and configure it, which may only be a two step process if you're using helm. https://docs.aws.amazon.com/secretsmanager/latest/userguide/integrating_csi_driver.html
Hope that helps! -Ray
answered 3 years ago
Relevant content
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 19 days ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 months ago