How to enable the Azure Key Vault Provider for Secrets Store CSI Driver in an Azure Kubernetes Service (AKS) cluster using Bicep

The Azure Key Vault Provider for Secrets Store CSI Driver allows code running on pods in AKS to pull secrets from an Azure Key Vault. The existing documentation shows you how to do this using the Azure CLI. Here is how to do the same using a Bicep template.

resource aks 'Microsoft.ContainerService/managedClusters@2021-03-01' = {
  name: aksName
  location: location  
  properties: {
    kubernetesVersion: '1.24.6'
    ...
    addonProfiles: {     
      azureKeyVaultSecretsProvider: {
        enabled: true
        config: {
          enableSecretRotation: 'true'
          rotationPollInterval: '120s'
        }
      }
    }
  }
  identity: {
    type: 'SystemAssigned'
  }
}
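
Enabling the add-on does not by itself grant access to any vault: the add-on gets its own user-assigned managed identity, separate from the cluster's `SystemAssigned` identity above, and that identity needs read access to secrets. The following is an added example, not part of the original post, that grants it the built-in Key Vault Secrets User role on a single vault from a separate module deployed after the cluster. Assumptions: `keyVaultName` is a hypothetical parameter naming an existing vault in the module's resource group that uses Azure RBAC authorization.

```bicep
// Added example (not from the original post). Deploy as its own module
// after the cluster template has finished.
param aksName string

// Hypothetical parameter: an existing vault in this resource group with
// enableRbacAuthorization set to true.
param keyVaultName string

// Built-in "Key Vault Secrets User" role: read secret contents only,
// no write, list-keys or management permissions.
var keyVaultSecretsUserRoleId = '4633458b-17de-408a-b874-0445c86b69e6'

resource aks 'Microsoft.ContainerService/managedClusters@2021-03-01' existing = {
  name: aksName
}

resource kv 'Microsoft.KeyVault/vaults@2022-07-01' existing = {
  name: keyVaultName
}

// Scope the assignment to the one vault rather than the resource group or
// subscription, so the add-on identity cannot read other vaults.
resource kvSecretsUser 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
  name: guid(kv.id, aks.id, keyVaultSecretsUserRoleId)
  scope: kv
  properties: {
    roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', keyVaultSecretsUserRoleId)
    // Identity created by the add-on, not the cluster's SystemAssigned identity.
    principalId: aks.properties.addonProfiles.azureKeyVaultSecretsProvider.identity.objectId
    principalType: 'ServicePrincipal'
  }
}

// Client ID to reference as userAssignedIdentityID in a SecretProviderClass.
output secretsProviderClientId string = aks.properties.addonProfiles.azureKeyVaultSecretsProvider.identity.clientId
```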
