Forum Discussion

lesliehuang's avatar
lesliehuang
Icon for Microsoft rankMicrosoft
Jun 19, 2024

Persistent volume with Azure Files on AKS

Based on our document, when we need to statically create persistent volume with Azure Files integration, we need to create Kubernetes Secret to store storage account name and access key. And assign t...
azure kubernetes service
Kidd_Ip's avatar
Kidd_Ip
MVP
Jan 18, 2025

Try this:

 

  • Create an Azure Key Vault: Set up an Azure Key Vault and store your storage account keys there.
  • Enable Secret Store CSI Driver: Enable the Secret Store CSI Driver in your AKS cluster. This driver allows Kubernetes to fetch secrets from Azure Key Vault.
  • Update Your PV YAML: Modify your persistent volume (PV) YAML to use the Secret Store CSI Driver instead of directly storing the storage account key in Kubernetes secrets.

 

Sample:

 

apiVersion: v1
kind: PersistentVolume
metadata:
  name: azurefile
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  storageClassName: azurefile
  csi:
    driver: secrets-store.csi.x-k8s.io
    readOnly: false
    volumeAttributes:
      secretProviderClass: azure-keyvault

 

Resources