// , Kubernetes Auth Method on Kubernetes Namespaces

// , Do Kubernetes have their own authentication method configurations in Vault?
And how, if at all, does that affect the API path structure for setup?

E.g. to enable an auth method for a couple of Kubernetes namespaces, would I need to make my POST against $VAULT_ADDR/v1/auth/kubernetes/namespace1, and $VAULT_ADDR/v1/auth/kubernetes/namespace2?

Background: https://www.vaultproject.io/api/auth/kubernetes/index.html

Hi there!

You can define multiple roles per Kubernetes auth backend and also define multiple allowed namespaces via bound_service_account_namespaces: https://www.vaultproject.io/api-docs/auth/kubernetes/#inlinecode-bound_service_account_namespaces-1

Cheers,
Michel

What if I need to add a Kubernetes auth method configured to a specific Kubernetes namespace, though?

Hi @v61!

You can mount multiple Kubernetes auth backends to different paths: https://www.vaultproject.io/docs/auth/#enablingdisabling-auth-methods

Cheers,
Michel