KEDA Hashicorp Vault TLS Authentication #5949
Unanswered
jackhernandez92 asked this question in Q&A / Need Help
Replies: 0 comments
Hey guys, I've been stuck on this for a couple of days now and wondered if anyone can point me in the right direction.
If my understanding is correct, I need to leverage the hashiCorpVaultTLS parameter in the Helm chart for the keda operator, which I've done and it points to my k8s secret which contains my vault CA. It looks like this gets mounted to /hashicorp-vaultcerts in the container. Is this automatically sourced by the TriggerAuthentication resource? The secret contains my vault ca.crt, tls.crt and tls.key and I use these on other services for injecting vault credentials just fine, but for some reason I get the following:
It feels like maybe the vault cert I'm passing to the KEDA operator isn't being used by TriggerAuthentication but it doesn't look like there's much to configure here other than setting hashiCorpVaultTLS.
Here's my TriggerAuthentication:
The keda-operator vault role is bound to the keda-operator service account and has a policy that allows it to read those secrets. I've tested on a dummy pod and this part works just fine.
Any help would be much appreciated. Thanks! :)