I'm trying to use parameter store and secret manager in my EKS cluster but i keep getting this error:
MountVolume.SetUp failed for volume "secrets-store-inline" : rpc error: code = Unknown desc = failed to get secretproviderclass fastcode/helloworld-secrets, error: SecretProviderClass.secrets-store.csi.x-k8s.io "helloworld-secrets" not found
and inside secret store provider logs:
secretproviderclasspodstatus_controller.go:99] "failed to patch secret owner ref" err="failed to get spc helloworld-secrets, err: SecretProviderClass.secrets-store.csi.x-k8s.io "helloworld-secrets" not found"
Both pod and SecretProviderClass are created with helm.
SecretProviderClass and pods are in the same namespace
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
name: helloworld-secrets
spec:
provider: aws
parameters:
objects: |
- objectName: "/password/db"
objectType: "ssmparameter"
objectAlias: "dbpassword"
- objectName: "/password/instance"
objectType: "ssmparameter"
objectAlias: "dbinstancepassword"
volumes:
- name: secrets-store-inline
csi:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: "helloworld-secrets"
What should i do?
Thanks
AWS 官方已更新 1 年前
Do the parameter store parameters exist, and do your pods have access to the parameter as well as any KMS key that would be needed to decrypt the values?