We do this at work but with custom "tooling". It works this way. We create env variables from secret created by external secret operator (read from vault). Then we add an pre-init shell script that made the substitution where needed.
Best On 06/02/2025 13:30, Prateek Kohli wrote: > Hi, > > I am planning to create Kafka Connect Docker images and deploy them in a > Kubernetes cluster. > I want to fetch sensitive configurations at both the worker and connector > levels from HashiCorp Vault. The authentication method I can use to log in to > Vault is Kubernetes authentication. > > Worker level configurations - bootstrap.servers, ssl.truststore.password etc. > Connector level configurations - passwords, privatekeys > > I checked > https://www.confluent.io/hub/confluentinc/csid-secrets-provider-vault > provided by confluent, but it does not support Kubernetes Vault > authentication method. > > Is there any other Config Provider available that supports Kubernetes auth > method with Vault? > > Regards, > Prateek Kohli