-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
external secrets are not synched in examples/external-secrets example #1655
Comments
tracking in aws-ia/terraform-aws-eks-blueprints-addons#185 |
My workaround had to create secretstore_sa myself, specify service_account_name in the addon, and fix secretstore_role
|
just a note for newbies ( like me ) that the main issue is not closed; just closed here and relocated. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
The two
ClusterSecretStore
andSecretStore
custom resources use IRSA to access AWS secret manager and SSM parameter store, but service accounts specified in theses two resources are not being created.Unlike the local
../../modules/irsa
module, theterraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks
module does not create Kubernetes service account resources. Since no service accounts are being created,ClusterSecretStore
andSecretStore
resources will be created with anInvalidProviderConfig
status.K8s service account for the external secret controller is created by the helm chart. However
ClusterSecretStore
andSecretStore
resources are using two separate service accounts (cluster-secretstore-sa
andsecretstore-sa
), which were used to be created by the local irsa module, but after migrating to theiam-role-for-service-accounts-eks
module these two service accounts are NOT being created.Versions
Module version [Required]: ~> 1.0
Terraform version: v1.2.2
Reproduction Code [Required]
Steps to reproduce the behavior:
Run
terraform apply
inexamples/external-secrets
directory.Expected behaviour
Actual behaviour
Terminal Output Screenshot(s)
Additional context
The text was updated successfully, but these errors were encountered: