How to get secrets from Vault into K8s without saving them as secrets

How can I inject secrets from Vault into K8s, e.g. to pull from a private registry, without storing them as secrets in K8s itself?

Solution

There are several ways to do this in combination with Vault, besides the solution provided by the K8s documentation:

Vault Secrets Operator for Kubernetes
vault-k8s
vault-csi-provider

Additionally, there is also an ArgoCD plugin that might be useful.

I linked the respective documentation where you can find more detailed information and tutorials, also here is an overview.

How does service discovery work with modern docker/docker-compose?
Eureka client in docker not connecting with Eureka server
Laravel flash messages not working as expected
how to add these settings to my php.ini in docker
Docker create network should ignore existing network
Docker - mysqld: Table 'mysql.plugin' doesn't exist
Breakpoints in vscode (Win 10) "unverified" and not hit when remote debugging Go app in Linux Docker container (Hyper-V)
How to fix "cannot find -lpq" error when using alpine linux docker image?
custom name resolution failing on docker container
pip dependencies from env yaml file missed during building docker container
After docker-compose build the docker-compose up run old not updated containers
Mongo DB deployment not working in kubernetes because processor doesn't have AVX support
How do I get into a Docker container's shell?
Reading an environment variable in react which was set by docker
Error 403 while running Docker image on Windows, but works on RHEL8
Docker container fails to build when installing GRPC
Que failing with Distillery release and Docker
Connecting from a docker container to the host on MacOS
Docker filling up storage on macOS
How to get Elastic Container Repository URI from Cloud Formation?
An exception has been raised that is likely due to a transient failure - connect local PostgreSQL to Docker container
Jenkins Pipeline Error: "Selected Git installation does not exist."
Docker Installation: ImportError: cannot import name '_gi' from 'gi' (/usr/lib/python3/dist-packages/gi/__init__.py)
How can I give a containerRegistry to a DevcontainersCi task in an Azure DevOps YAML Pipeline?
AttributeError: module 'numba' has no attribute 'generated_jit'
Deploying to Cloud Run with a custom service account failed with iam.serviceaccounts.actAs error
Why do I still getting error, Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock?
Postgres inside Docker container, how to log JSON to Loki via Promtail?
Can't install Kubernetes on Vagrant
How do I open another port in a docker nginx container (only in the container; so, NOT publishing which is the -p flag)?