Automatically register and generate AWS, GCP & Azure IAM roles, X.509 certificates and username/password pairs for Kubernetes pods using cert-manager, CNCF SPIRE or Otterize Cloud
Users have requested to be able to configure the credentials operator to not delete AWS IAM roles and policies, but instead tag them as unused, a sort of "soft delete" mode.
@omris94 please add info on how this feature will be configured
Issue: Some applications might not watch the secrets for updates. If the certificate expires it will cause a running application to fail to communicate. Currently, users have to support it in their applications or use solutions like wave.
Let's add support for configurable pod-restart on certificate renewal with annotation.