Knowledge Base

What is the Gruntwork recommended way to pass secrets to EKS?

View full discussion in GitHub

Answer

A customer asked about terraform-aws-eks > With EKS specifically, what is the recommended way to pass secrets defined in AWS Secrets Manager to Kubernetes? What are the trade-offs?

The current recommendation is to pull it in to the app as part of the init scripts for the container, as we do in [the sample app](https://github.com/gruntwork-io/aws-sample-app) for the [Reference Architecture. ](https://gruntwork.io/reference-architecture/) However, in the future, we will definitely look into implementing for example [Secrets Store CSI Driver](https://secrets-store-csi-driver.sigs.k8s.io) for this.