Our Just-in-Time Rotation feature is now live, and you can explore it for free on our platform! We shared our plans in a recent blog post: Async Rotation and after gathering feedback and listening to requests from our community and partners, we officially launched this feature with a focus on real-world use cases. Many organizations face the challenge of waiting for data to sync within a refresh interval. Just-in-Time Rotation solves this by ensuring that updated secrets are available immediately upon changes in the source of truth or triggered by supported event sources.
Why should I care? This piece will be useful to you if you need to ensure that workloads in your cluster don’t have cluster-scoped access to resources, even if they are controllers that one would typically consider closer to the control plane than to individual workloads. You are probably looking for ways to configure external secrets management with namespace isolation or more specifically how to configure ESO (External Secrets Operator – external-secrets) through a namespaced approach.
At numerous events, in our community forums, and even on our Slack channels, we’ve heard a growing demand for a feature that gives users more control over how and when secrets are reconciled by the External Secrets Operator (ESO). Specifically, many of you have expressed the need to trigger a reconciliation of secrets based on external events rather than relying solely on the predefined refresh intervals. We listened, we’re excited to say that we are working on a new feature in the enterprise offering of External Secrets: Async Rotation (Immediate Synchronization).