Accessing vault secret from another kubernetes cluster when vault is deployed on a dedicated cluster

Lakshmikanth-Shivann · September 28, 2022, 7:16am

Hello everyone!
How to access vault secret from another kubernetes cluster when vault is deployed on a dedicated cluster and importantly want to know, to do this, does other kubernetes cluster always have to access kubernetes api-server of vault dedicated cluster, is it?

maxb · September 28, 2022, 7:21am

Every cluster from which you want to log in to Vault using Kubernetes service accounts, needs a separate Kubernetes auth method set up in Vault.

No. However, Vault needs to access the Kubernetes api-server of every cluster that will be logging in to it.

Lakshmikanth-Shivann · September 29, 2022, 5:35am

Thanks for the information.
@maxb If I will use AppRole method will vault still need access to the kubernetes api-server of every cluster that will be logging in to it?