Secrets Store Add-on
This integration is supported only for Amazon EKS Clusters with AWS Secrets Manager.
Managed System Add-ons are available to users in the controller by default. One or more managed add-ons can be added to a blueprint to deploy them to clusters.
Secrets Store CSI Driver Add-on:
The Secrets Store CSI Driver allows Kubernetes to mount multiple secrets, keys, and certs stored in enterprise-grade external secrets stores into pods as a volume. Once the volume is attached, the data in it is mounted into the container's file system.
When the Secrets Store CSI Driver add-on is enabled, a dropdown option lets you select the provider-specific plugin for the Secrets Store CSI Driver.
For AWS Secrets Manager, this would be the AWS Secrets and Configuration Provider (ASCP). ASCP allows you to make secrets stored in Secrets Manager appear as files mounted in Amazon EKS pods.
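The manifests below are an added example, not taken from this product's documentation, showing what a workload needs once the driver and ASCP are deployed: a SecretProviderClass naming the Secrets Manager secret and a pod that mounts it read-only. The namespace, resource names, secret name, image, and the use of an IAM role bound to the service account (IRSA) are assumptions.

```yaml
# Added example; every name below is a constructed placeholder.
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: payments-db-secrets            # hypothetical
  namespace: payments                  # must match the pod's namespace
spec:
  provider: aws                        # selects ASCP as the provider plugin
  parameters:
    objects: |
      - objectName: "prod/payments/db-credentials"   # placeholder secret name
        objectType: "secretsmanager"
        objectAlias: "db-credentials.json"           # file name inside the mount
---
apiVersion: v1
kind: Pod
metadata:
  name: payments-api                   # hypothetical
  namespace: payments
spec:
  # ASCP fetches the secret with the pod's identity. Assumption: this service
  # account is bound to an IAM role whose policy allows only
  # secretsmanager:GetSecretValue and secretsmanager:DescribeSecret
  # on the single secret listed above.
  serviceAccountName: payments-sa
  containers:
    - name: app
      image: registry.example.com/payments-api:1.0   # placeholder image
      volumeMounts:
        - name: db-secrets
          mountPath: /mnt/secrets
          readOnly: true
  volumes:
    - name: db-secrets
      csi:
        driver: secrets-store.csi.k8s.io
        readOnly: true
        volumeAttributes:
          secretProviderClass: payments-db-secrets
```

The application reads the secret from /mnt/secrets/db-credentials.json. With secret rotation enabled the driver refreshes that file at the poll interval, so the application has to re-read it to pick up a new value.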
Secrets Store CSI Driver Configuration Options
- Click the Wrench icon to customize the CSI Driver parameters
The Customize Secrets Store CSI Driver Addons window appears.
- Select the required parameters for the CSI Driver and close the window to save the changes. The rotation poll interval can be customized when the 'Enable Secret Rotation' setting is selected; the default is 2 min.