vault-k8s-auth
Installation
SKILL.md
Vault Kubernetes Auth
Services on Kubernetes authenticate to Vault using the Kubernetes auth method
via the hvac library. This applies to any Python service the team deploys on
the cluster — not just Dagster.
Environment variables
Never hardcode the Vault role or mount path. Always read them from environment variables:
| Variable | Purpose |
|---|---|
VAULT_ADDR |
URL of the Vault server |
VAULT_ROLE |
Vault role bound to the pod's Kubernetes service account |
VAULT_K8S_MOUNT |
Vault Kubernetes auth mount path |
Example wiring: