[Bug]: Secret Manager Provider - existing AWS secret is not reconciled/imported by provider #1565
Open
1 task done
Labels
Comments
1 task
|
any updates regarding it? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is there an existing issue for this?
Affected Resource(s)
secretsmanager.aws.upbound.io/v1beta1
Resource MRs required to reproduce the bug
No response
Steps to Reproduce
Create a secret in a cluster with managementPolicies * (star), simulating a cluster migration, apply same K8s Managed Resource in another cluster
What happened?
Upon 2nd cluster apply, provider cannot reconcile/import the resource, attempting to recreate secret (instead of importing) ResourceExistsException: The operation failed because the secret blabla already exists. []}]
Relevant Error Output Snippet
No response
Crossplane Version
v1.16
Provider Version
v1.17.0
Kubernetes Version
No response
Kubernetes Distribution
No response
Additional Info
Doing same action on other resource, like SQS or SNS, it works properly, providers recognize upon spec provider information, and import the resource / reconcile, automatically adding crossplane.io/external-name annotation.
For secret manager, the only way to make it importing the resource is by manually adding the annotation with the ARN ref, which makes the migration from cluster to cluster very complex from our side... It's expected that Secret Manager will be able to discover the resources and reconcile, automatically, if having policy "Observe" included (* star includes it)
The text was updated successfully, but these errors were encountered: