How to access AWS secrets manager key/values secrets in EKS as separate volume mounts

Question

I have saved secrets in AWS secret manager secrets like this

/test/dev/ - secret name and it has keys and values in it

I want to use them in EKS cluster
I found few example like this https://aws.amazon.com/blogs/security/how-to-use-aws-secrets-configuration-provider-with-kubernetes-secrets-store-csi-driver/

But it does not show how can I use different keys like if my secret has 10 keys and I want to use 5 keys in a app as a separate volume mounts 
how will my secret-provider-class look like ?

Answer

You can mount multiple secrets in `SecretProviderClass` within `objects`. Example:

```
    objects: |
        - objectName: "arn:aws:secretsmanager:us-east-2:111122223333:secret:MySecret2-d4e5f6"
        - objectName: "MySecret3"
          objectType: "secretsmanager"
        - objectName: "MySecret4"
          objectType: "secretsmanager"
          objectVersionLabel: "AWSCURRENT"
```

Note that it maps only the configured secret, if one secret has a pointer to another secret (which is not part of the `objects` list), you probably want to create a custom retrieval logic using CDK or an SDK.

See also [this doc](https://docs.aws.amazon.com/secretsmanager/latest/userguide/integrating_csi_driver.html) for more information.

How to access AWS secrets manager key/values secrets in EKS as separate volume mounts

相關內容