[arianvanp]

It's not really clear for me from the docs. But can you now use kubernetes secrets to not be stored in etcd but in vault? Or is just the token retrieval part fixed? The docs are a bit terse and don't mention much stuff on how you'd actually use it.

If I create a kubernetes secret will it be stored in vault if I set some magic switch? Or are we not there yet?

[jaxxstorm]

Not there yet. You can store secrets in Vault, and now a kubernetes pod can authenticate against Vault which will allow it to retrieve secrets. If you're running your app in k8s, your app will be able to use the configured token to get to vault.

[arianvanp]

Thanks. But it seems like a good first step into the right direction!