Applications running on Kubernetes require access to sensitive information (passwords, SSH keys and authentication tokens). But how do you configure your applications when the source of truth for these secrets is an external secret store? What if you need to store, retrieve and perform zero touch rotation of these secrets securely? Meet the (Secrets Store) CSI Driver and Sync Controller, sig-auth subprojects providing a simple way to retrieve secrets from enterprise-grade external stores such as Azure Key Vault, Google Secret Manager and HashiCorp Vault.

In this lightning talk, Anish will introduce you to the (Secrets Store) CSI driver and Sync controller and discuss trade-offs of the CSI driver versus Sync controller.