Comments (6)
jeffpearce
commented on June 8, 2024
1
@catalinpan I think the arn is wrong in your yaml file - does it work if you specify the key as arn:aws:secretsmanager:eu-west-2:111111111110:secret100?
from kubernetes-external-secrets.
jeffpearce
commented on June 8, 2024
I can take a look at this. On the surface it seems like it should work
from kubernetes-external-secrets.
catalinpan
commented on June 8, 2024
@jeffpearce thanks for the reply. I've just tested and you are right. The correct key should be
- key: "arn:aws:secretsmanager:eu-west-2:111111111110:secret:secret100".
Just tested and it works as expected. Many thanks!
from kubernetes-external-secrets.
zico-dev
commented on June 8, 2024
Apologies for reopening this. I am facing a somewhat similar issue (reference: https://github.com/godaddy/kubernetes-external-secrets):
Below is my yaml file:
apiVersion: 'kubernetes-client.io/v1'
kind: ExternalSecret
metadata:
name: test-secrets
secretDescriptor:
backendType: secretsManager
roleArn: arn:aws:iam::1234567890123:role/ExternalSecretRole
data:
- key: 'arn:aws:secretsmanager:us-east-1:1234567890123:secret:test-secrets'
name: test-secrets
aws cli output:
aws secretsmanager get-secret-value --secret-id arn:aws:secretsmanager:us-east-1:1234567890123:secret:test-secrets-j8Sdcr --region us-east-1
{
"Name": " test-secrets ",
"VersionId": "f2d90749-7ded-48e1-bbd9-20b3wrr0rw7b9c8",
"SecretString": "{\"secretname\":\"secretvalue\"}",
"VersionStages": [
"AWSCURRENT"
],
"CreatedDate": 1183151199.134,
"ARN": "arn:aws:secretsmanager:us-east-1:1234567890123:secret:test-secrets-j8Sdcr"
}
When I attempt to check the status of the external secrets, it shows an error:
kubectl -n testing-example get es
NAME LAST SYNC STATUS AGE
test-secrets 0s ERROR, Secrets Manager can't find the specified secret. 24h
Any ideas on why its showing "ERROR, Secrets Manager can't find the specified secret."?
Thanks
from kubernetes-external-secrets.
catalinpan
commented on June 8, 2024
@zico-dev Can the node assume the role arn:aws:iam::1234567890123:role/ExternalSecretRole ?
from kubernetes-external-secrets.
zico-dev
commented on June 8, 2024
Hello @catalinpan ,
Thanks for your quick response. I ensured that the node was able to assume the ExternalSecretRole. I just realized that in the deployment yaml, under the env variable, it was pointing to wrong AWS region (us-west-1). Once I changed that to us-east-1, and reapplied it, it started working!
All is well, thank you very much!!
from kubernetes-external-secrets.
Related Issues (20)
- alpine base image version HOT 2
- How self-signed cert on Azure KV can decode ? HOT 3
- .
- TLS ERROR with Vault using self-signed certificate HOT 1
- IBM-Cloud-Secret-Manager Arbitrary secret creating with wrong indentation HOT 5
- vault authentication with AppRole HOT 1
- Fetch all Azure KeyVault secrets HOT 4
- isBinary does not do anything when used with dataFromWithOptions HOT 2
- Status update failed for externalsecret due to modification, new poller should start HOT 6
- High severity vulnerabilities on 8.5.0 HOT 6
- Upsert secret from AWS parameter store as is without base64 encoding HOT 1
- High severity vulnerability on 8.5.1 HOT 3
- dataFromWithOptions support for GCP HOT 2
- Feature: add envVarsFromFieldRef to chart HOT 1
- ERROR, Invalid character in header content ["Authorization"] in new installation of kubernetes-external-secrets
- If a secret is deleted with a failed last sync, metric still exists HOT 1
- How to configure multiple AWS accounts HOT 2
- Pod is using stale tokens HOT 1
- unable to pull image "godaddy/kubernetes-external-secrets:6.0.0" HOT 2
- Does Kubernetes-external-secrets supports kubernetes v1.22? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kubernetes-external-secrets.