From 36487286189762dbd95145bc4278685c3017098a Mon Sep 17 00:00:00 2001
From: Yaron Schneider <yaronsc@microsoft.com>
Date: Wed, 4 Mar 2020 15:52:56 -0800
Subject: [PATCH] Update secrets.md (#386)

---
 concepts/components/secrets.md | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/concepts/components/secrets.md b/concepts/components/secrets.md
index e460af047..df6df8987 100644
--- a/concepts/components/secrets.md
+++ b/concepts/components/secrets.md
@@ -6,6 +6,25 @@ In order to reference a secret, you need to set the `auth.secretStore` field to
 
 When running in Kubernetes, if the `auth.secretStore` is empty, the Kubernetes secret store is assumed.
 
+## Non default namespaces
+
+If your Dapr enabled apps are using components that fetch secrets from non-default namespaces, apply the following resource to the namespace:
+
+```
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: dapr-secret-reader
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: <YOUR-NAMESPACE-HERE>
+roleRef:
+  kind: ClusterRole
+  name: secret-reader
+  apiGroup: rbac.authorization.k8s.io
+```
+
 ## Examples
 
 Using plain text: