Secrets Store CSI Driver and ASCP

Install CSI drivers

Prepare your cluster by installing Secrets Store CSI Secret driver and AWS Secrets and Configuration Provider (ASCP).

Secrets Store CSI Driver:

helm repo add secrets-store-csi-driver \
  https://raw.githubusercontent.com/kubernetes-sigs/secrets-store-csi-driver/master/charts

helm install -n kube-system csi-secrets-store \
  --set syncSecret.enabled=true \
  --set enableSecretRotation=true \
  secrets-store-csi-driver/secrets-store-csi-driver

ASCP:

kubectl apply -f https://raw.githubusercontent.com/aws/secrets-store-csi-driver-provider-aws/main/deployment/aws-provider-installer.yaml

Verifiy the installation:

Verify that two daemonsets deployed. csi-secrets-store-secrets-store-csi-driver for standard Secrets Store CSI Driver and csi-secrets-store-provider-aws for the ASCP that supports provider (AWS) specific options.

kubectl get daemonsets -n kube-system -l app=csi-secrets-store-provider-aws
kubectl get daemonsets -n kube-system -l app.kubernetes.io/instance=csi-secrets-store

NAME                             DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE
csi-secrets-store-provider-aws   1         1         1       1            1           kubernetes.io/os=linux   2m34s

NAME                                         DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE
csi-secrets-store-secrets-store-csi-driver   1         1         1       1            1           kubernetes.io/os=linux   2m42s