We do this at work but with custom "tooling".
It works this way. We create env variables from secret created by external 
secret operator (read from vault). Then we add an pre-init shell script that 
made the substitution where needed.

Best

On 06/02/2025 13:30, Prateek Kohli wrote:

> Hi,
>
> I am planning to create Kafka Connect Docker images and deploy them in a 
> Kubernetes cluster.
> I want to fetch sensitive configurations at both the worker and connector 
> levels from HashiCorp Vault. The authentication method I can use to log in to 
> Vault is Kubernetes authentication.
>
> Worker level configurations - bootstrap.servers, ssl.truststore.password etc.
> Connector level configurations - passwords, privatekeys
>
> I checked
> https://www.confluent.io/hub/confluentinc/csid-secrets-provider-vault
> provided by confluent, but it does not support Kubernetes Vault 
> authentication method.
>
> Is there any other Config Provider available that supports Kubernetes auth 
> method with Vault?
>
> Regards,
> Prateek Kohli

Reply via email to