K
Q

Can we store the TLS certificates in Azure Key vault as a secret and use the same in Ingress in Azure Kubernetes service

12/9/2019

To allow Kubernetes to use the TLS certificate and private key for the ingress controller, you create and use a Secret. Instead of this cant we store the .crt and .key files in Azure Key vault and create a secret and use it in Ingress?

The below article describe the steps for creating Kubernetes secret and use it in Ingress object https://docs.microsoft.com/en-us/azure/aks/ingress-own-tls

Is there any way instead of Kubernetes secrets can we use azure key vault? If so can you please give some suggestion or how can we achieve this?

-- Rajesh Saradka Narayana
azure-keyvault
azure-kubernetes
kubernetes-ingress

Similar Questions

why not create multiple containers instead of using kubernetes
Providing DNS for Kubernetes services with bare metal load balancer
Service deployed on EKS does not answer on its EXTERNAL-IP
How to get an Istio VirtualService to vary routes by header along with uri
Restart pod when spring vault renew token does not work
Use Application Load Balancers | Helm chart | AWS
How to enable Alert manager pick alert manager configs from a new kubernetes namespace?

1 Answer

2/12/2020

The best approach would be using azure FlexVol https://github.com/Azure/kubernetes-keyvault-flexvol and getting your secret from an attached volume to the pod.

Please refer to the official documentation for more details and options.

-- Chams Mansouri
Source: StackOverflow