Flyte enables production-grade orchestration for machine learning workflows and data processing created to accelerate local workflows to production.

Flyte

<@U06RKAMK0UC> How do flyte secrets using the aws secret manager plugin get access to secrets? Is it through the IRSA assigned to the pod?

It seems likely that Flyte secrets using the AWS Secrets Manager plugin access secrets through the IAM roles assigned to the pods, which can be managed using IRSA (IAM Roles for Service Accounts). According to the <https://docs.flyte.org/en/latest/user_guide/productionizing/secrets.html|Flyte documentation>, when using the AWS secret management plugin, secrets need to be specified by naming them in the format `<SECRET_GROUP>:<SECRET_KEY>`, where the secret string is a plain-text value. The IAM roles associated with the pods would need the necessary permissions to access these secrets from AWS Secrets Manager.

Would you like more detail on this approach?

Sources:
- <https://discuss.flyte.org/t/12081956/is-there-a-way-to-set-postgres-and-s3-minio-passwords-as-sec/|https://discuss.flyte.org/t/12081956/is-there-a-way-to-set-postgres-and-s3-minio-passwords-as-sec/>
- <https://discuss.flyte.org/t/4732241/hi-everyone-i-am-new-to-k8s-and-flyte-but-i-managed-to-insta/|https://discuss.flyte.org/t/4732241/hi-everyone-i-am-new-to-k8s-and-flyte-but-i-managed-to-insta/> :+1: 0 button :-1: 0 button 💡 *Hint:* Mention @runllm in the thread for followups.