Vault side car : Retrieve secrets from multiple Vault namespaces

I have an application that talks to two postgresql databases that have their credentials stored in Vault in 2 different vault namespaces.

db1 → has credentials stored in “vault-namespace1”
db2 → has credentials stored in “vault-namespace2”
app1 – > running on “k8s-namespace1” and needs credentials of both db1 and db2.

Is there a way I can use Vault side car injector in my app to retrieve credentials from Vault for both db1 and db2 ? If yes, is there an example ?

Each namespace has it’s own policy that’s attached to the auth that you’re using for the agent. AFAIK, there is no way of allowing one namespace to give any policy access to another namespace. My guess is that you’ll need to run two agents one attached to each namespace.