Key Rotation for AKS Secrets #577
Labels
question
Further information is requested
Comments
|
Hi, I'm not part of the team but wanted to ask some additional context. Are you using the "controller" or the "env-injector"? If you're not using the "controller" but only using the "env-injector" then the secrets are pulled directly from keyvault during pod startup, and there is no syncing involved. If you are using the controller, then you can set the resync period, but it default to 30 seconds. Take a look in https://github.com/SparebankenVest/public-helm-charts/tree/master/stable/akv2k8s/README.md for "azureKeyVaultResyncPeriod" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We are using AKV Environment Injector to inject secrets in our Applications, as part of our compliance requirement we are required to perform Key rotation in our application, I want to know the behavior of AKV2K8s in this scenario, the latency and delay to sync the secret, we do understand that we will require some sort of logic handling in our applications, but not sure about the behavior of AKV2k8S CRD.
The text was updated successfully, but these errors were encountered: