Skip to content

HOWTO: ESO and Azure Key Vault Secrets

Configure External Secrets Operator to consume secrets from Azure Key Vault for Azure-primary or hybrid deployments. Covers SecretStore, ExternalSecret resources, and rotation lifecycle aligned with ADR-0502.

What this covers:

  • ESO SecretStore and ExternalSecret configuration for AKV
  • Managed identity vs service principal authentication options
  • Rotation lifecycle and Kubernetes Secret synchronisation validation

Learn this in Academy: Security & Secrets track