I have an external Vault cluster which is deployed and configured in an AWS EKS cluster. The application instance is in a GKE cluster. There are multiple teams which require the secrets from Vault in multiple namespaces. Currently, the Vault secrets are injected into the app pod in one of the namespaces in the GKE cluster. I am currently installing the Vault Agent Injector in the namespace where the secrets are required, but the creation of the cluster role, cluster role bindings and mutatingwebhook fails in other namespaces as it is already bound to the first namespace. How do I achieve injecting secrets into app pods deployed in multiple namespaces?
Any suggestions are much appreciated.