I'm trying to use parameter store and secret manager in my EKS cluster but i keep getting this error:
MountVolume.SetUp failed for volume "secrets-store-inline" : rpc error: code = Unknown desc = failed to get secretproviderclass fastcode/helloworld-secrets, error: SecretProviderClass.secrets-store.csi.x-k8s.io "helloworld-secrets" not found
and inside secret store provider logs:
secretproviderclasspodstatus_controller.go:99] "failed to patch secret owner ref" err="failed to get spc helloworld-secrets, err: SecretProviderClass.secrets-store.csi.x-k8s.io "helloworld-secrets" not found"
Both pod and SecretProviderClass are created with helm.
SecretProviderClass and pods are in the same namespace
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
name: helloworld-secrets
spec:
provider: aws
parameters:
objects: |
- objectName: "/password/db"
objectType: "ssmparameter"
objectAlias: "dbpassword"
- objectName: "/password/instance"
objectType: "ssmparameter"
objectAlias: "dbinstancepassword"
volumes:
- name: secrets-store-inline
csi:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: "helloworld-secrets"
What should i do?
Thanks
OFICIAL DE AWSActualizada hace un año
Do the parameter store parameters exist, and do your pods have access to the parameter as well as any KMS key that would be needed to decrypt the values?