EKS csi secret store driver not finding SecretProviderClass

0

I'm trying to use parameter store and secret manager in my EKS cluster but i keep getting this error:

MountVolume.SetUp failed for volume "secrets-store-inline" : rpc error: code = Unknown desc = failed to get secretproviderclass fastcode/helloworld-secrets, error: SecretProviderClass.secrets-store.csi.x-k8s.io "helloworld-secrets" not found

and inside secret store provider logs:

secretproviderclasspodstatus_controller.go:99] "failed to patch secret owner ref" err="failed to get spc helloworld-secrets, err: SecretProviderClass.secrets-store.csi.x-k8s.io "helloworld-secrets" not found"

Both pod and SecretProviderClass are created with helm. SecretProviderClass and pods are in the same namespace

apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: helloworld-secrets
spec:
  provider: aws
  parameters:
    objects: |
        - objectName: "/password/db"
          objectType: "ssmparameter"
          objectAlias: "dbpassword"
        - objectName: "/password/instance"
          objectType: "ssmparameter"
          objectAlias: "dbinstancepassword"
volumes:
      - name: secrets-store-inline
        csi:
          driver: secrets-store.csi.k8s.io
          readOnly: true
          volumeAttributes:
            secretProviderClass: "helloworld-secrets"

What should i do?

Thanks

  • Do the parameter store parameters exist, and do your pods have access to the parameter as well as any KMS key that would be needed to decrypt the values?

No Answers

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions