Vault side car : Retrieve secrets from multiple Vault namespaces

divya07.s · February 8, 2022, 6:38pm

I have an application that talks to two postgresql databases that have their credentials stored in Vault in 2 different vault namespaces.

db1 → has credentials stored in “vault-namespace1”
db2 → has credentials stored in “vault-namespace2”
app1 – > running on “k8s-namespace1” and needs credentials of both db1 and db2.

Is there a way I can use Vault side car injector in my app to retrieve credentials from Vault for both db1 and db2 ? If yes, is there an example ?

aram · February 9, 2022, 7:00am

Each namespace has it’s own policy that’s attached to the auth that you’re using for the agent. AFAIK, there is no way of allowing one namespace to give any policy access to another namespace. My guess is that you’ll need to run two agents one attached to each namespace.

Topic		Replies	Views
Shared JWT store using Kubernetes Vault Injector across multiple namespaces Vault k8s , vault	0	687	January 19, 2022
Approle access to multiple namespaces Vault	1	719	June 9, 2023
Accessing secrets across multiple vault namespaces Nomad	0	259	March 12, 2021
Secrets management across namespaces without hierarchical relationship for kubernetes auth Vault k8s , vault	2	253	March 29, 2023
How to work with Vault k8s auth type on multiple namespace services? Vault	4	2365	January 25, 2022

Vault side car : Retrieve secrets from multiple Vault namespaces

Related topics