Re-posting question here.
I am trying to integrate external vault to Kubernetes using sidecar pattern.
Following below reference link:-
Integrate a Kubernetes cluster with an existing Vault service.
When a secret is updated in vault, it is getting reflected in pod only after manual restart of pod.
- Is there any annotation to enable in pod template, so that injector should check secrets in external vault, let’s say for every 5min and if found changes, then update it in our pod without manual intervention ?
- If not annotation, any other alternative which I can achieve automatically fetching secrets for certain period of time using sidecar pattern?
This task is blocker for other teams. Please do let me know, if this scenario is doable or need to stop here.
Thank you in Advance…!!