This repository has been archived by the owner on Jul 26, 2022. It is now read-only.
scoping access
#677
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I am using IRSA for external-secrets to fetch secrets from AWS, and this IAM role has cluster-level permission.
I know we can add the annotation in the namespace for scoping access, but our security team was challenging me if we miss the annotation in some namespace then the namespace has the cluster-level permission to fetch all keys by default.
do I have any way to set it up like if no annotations specified, then external-secret can not insert into the namespace?
thanks a lot.
Beta Was this translation helpful? Give feedback.
All reactions