Hello!
I have the following use case. I have a Vault cluster that runs on EC2 instances. Users log in to Vault via OIDC with Google. We have several Kubernetes clusters that use Vault Secrets Operator with the Kubernetes VaultAuth method, and this works well. However, we want developers to be able to mimic the behavior they would have on the Kubernetes clusters locally with solutions like Minikube. This would allow them to test their code with the VaultStaticSecret manifests locally and simply.
The issue I currently have is how to achieve this without having to create specific resources on the Vault cluster. For example, the Kubernetes and JWT VaultAuth methods require adding Minikube's certificate to the Vault cluster.
What I had in mind was for users to log in via the CLI with our OIDC provider (vault login -method=oidc role="google_sso") and just set the fetched token in the VaultAuth manifest, so they can access secrets with their own permissions.
Is this in any way possible? I wasn't able to make it work with the JWT method and I don't know how far I am from reality.
For example, I had this kind of manifest:
apiVersion: secrets.hashicorp.com/v1beta1
kind: VaultAuth
metadata:
  name: test-auth
  namespace: test
spec:
  method: jwt
  jwt:
    role: google_sso
    secretRef: jwt-secret # Contains the token fetched from the CLI Vault login command
    tokenExpirationSeconds: 3600
  vaultConnectionRef: test/default
Thank you for the help!
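A check worth running before wiring a CLI-fetched token into a VaultAuth of method jwt is to confirm what kind of token you actually hold. The jwt auth method validates a signed JWT (issuer, audience, expiry, signature), whereas `vault login` returns an opaque Vault token (prefixed `hvs.`, `hvb.` or `hvr.` on current versions, `s.` on older ones) that has no such structure. The script below is an added example, not code from the original post or from the Vault Secrets Operator project; it classifies a token string and, for a JWT, decodes (without verifying) the claims the auth method would evaluate. All token values in it are constructed placeholders.

```python
import base64
import json
import time

# Constructed sample values, not real credentials.
VAULT_SERVICE_TOKEN = "hvs.CAESIExampleConstructedTokenValue"
LEGACY_VAULT_TOKEN = "s.ExampleConstructedLegacyToken"


def _b64url_decode(segment: str) -> bytes:
    """Base64url decode, restoring the padding JWTs strip."""
    padding = "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment + padding)


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_unsigned_jwt(claims: dict) -> str:
    """Build a structurally valid JWT with a placeholder signature.

    Only for constructing test input here; a real IdP signs the token.
    """
    header = _b64url_encode(
        json.dumps({"alg": "RS256", "typ": "JWT", "kid": "constructed"}).encode()
    )
    payload = _b64url_encode(json.dumps(claims).encode())
    return f"{header}.{payload}.placeholder-signature"


def classify_token(token: str) -> str:
    """Return 'vault_token', 'jwt' or 'unknown' for a token string."""
    token = token.strip()
    # Vault service/batch/recovery tokens are opaque strings with fixed prefixes.
    if token.startswith(("hvs.", "hvb.", "hvr.")):
        return "vault_token"
    if token.startswith("s.") and "." not in token[2:]:
        return "vault_token"  # legacy pre-1.10 service token format
    # A JWT is header.payload.signature, with JSON in the first two segments.
    parts = token.split(".")
    if len(parts) == 3:
        try:
            header = json.loads(_b64url_decode(parts[0]))
            json.loads(_b64url_decode(parts[1]))
        except ValueError:  # covers binascii.Error, JSONDecodeError, UnicodeDecodeError
            return "unknown"
        if isinstance(header, dict) and "alg" in header:
            return "jwt"
    return "unknown"


def jwt_claims_summary(token: str) -> dict:
    """Decode, without signature verification, the claims Vault's jwt method checks."""
    if classify_token(token) != "jwt":
        raise ValueError("not a JWT; the jwt auth method only accepts signed JWTs")
    claims = json.loads(_b64url_decode(token.split(".")[1]))
    exp = claims.get("exp")
    return {
        "iss": claims.get("iss"),
        "aud": claims.get("aud"),
        "sub": claims.get("sub"),
        "exp": exp,
        "expired": exp is not None and time.time() >= exp,
    }


if __name__ == "__main__":
    for name, value in (("vault login output", VAULT_SERVICE_TOKEN),
                        ("legacy token", LEGACY_VAULT_TOKEN)):
        print(f"{name}: {classify_token(value)}")
    sample = make_unsigned_jwt({"iss": "https://accounts.google.com",
                                "aud": "constructed-client-id",
                                "sub": "constructed-user", "exp": 4102444800})
    print("constructed JWT:", classify_token(sample), jwt_claims_summary(sample))
```

Run it against the value you would put into `jwt-secret`: if it reports `vault_token`, the jwt method has nothing it can verify, and the failure you see is expected rather than a misconfiguration of the role. The claims summary is decode-only; signature verification happens on the Vault side against the role's configured keys or OIDC discovery URL.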