diff --git a/kube-prometheus-stack/templates/grafana-oauth-sealed.yaml b/kube-prometheus-stack/templates/grafana-oauth-sealed.yaml
deleted file mode 100644
index 8ea4763..0000000
--- a/kube-prometheus-stack/templates/grafana-oauth-sealed.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-apiVersion: bitnami.com/v1alpha1
-kind: SealedSecret
-metadata:
-  creationTimestamp: null
-  name: grafana-oauth
-  namespace: kube-prometheus-stack
-spec:
-  encryptedData:
-    GF_AUTH_GENERIC_OAUTH_CLIENT_ID: AgB5Z3aF/3kvi4iktWVOdq42KvVKAY1Y0naw9aLQO6jOMwKNrUOz/dzAdwUW8K5z9b36onqRUnCTXDow0OPEpTOyvXJZWA0ex5aOw3tIjzBe8DUym8LGz8lX8y5gsPczNnObeqnI4FwuHObJAweveGbidJp9GscbK0fBq0jIK1vUJY2BFHcp0r5A66BZmWS0rS0W+UYA8TpN4UXOJ9X8bchRVOndECS3SaBNHXTxICUHh2MKvZkBtJCMuY+YnAKL4HKOfmERCMsJHQKwSU31pRwK0NlNk3ps8iO8CNCyMaH0y112yqDIuM7tiwVE0kNvh2zHH4VoyrImZfkq9zhf6l6lQEd2I5ZeiWKi+JTqA1MGGAMPKD+HM5M3ylQTfcFJaiyJ9Az+ZrSb5KtaNeWzutK8xdOTRP7K8g6tUNs/qHZipDnINnmFJujdjw28ACPpWSRs965NYvzOF5hda3e5gjidzglEUpCKbxgh/TXbdsl2ET8FTSXvdE4TYKgSlJcaqoo3nyBLssq5R/79rqSk/2Fm7u6NBzhbP5OoaY5911h1SpJ/DJFoOiaDfSUUOvEW5/fz2iUD0todjh9V2QJlNI3f6/UOgtXsp86yusnbX8SJm3nJW5FunBNSqGsIHPjo76Rd1kjMHMcvTuIFQvG0oxdJrXkGn5c0/RBaNMPlh7grAD/3fGFGXy0fdMMI4UMo+NeVEnq1zPq8sFh9uKvceB6GgXjpmK3J7wkMLU3jrlGbfqr0lW8oGVVP
-    GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: AgAa2QBDTlPqBuONHWUFfD18/MMBlCB0VgkxX4OBqsgdaIIOxDvem/TVt7Diueu4RfBOrfozQLTr7joNkuv0Q7WUKK2VS6WyK6xmyn3fM5DbIM6v3qVSwFpkd0u1pbZv/1yg1/YyOOmwZ9s13OFideOeD5ha9aKDGtfwe4RzRv5zV46lpWZtoTfLGn0grgUv7KSZG5IxR+PK0kFeqpCxT5qgHYSWEI3+IW9L6XqVvsBhNt/rRjpnYQ1P1JsP0WxLr4x5Xyo30k0kHWoIJlAVL2TpXN8o6AS/447PY4RT6W+VHx5uEsKtmfWD1YCzbLIuWlqgjDXeaaLiz3y70Br93ZamL3VUk7Lu12K8faZw5ZVaOaV9qn7eW3UPFV33+wvY0QKsrS2AdYVMAwnNK82YhAqIloap5AuaGSXb4FBZxxNSCNdNvd1gTtx0QhekZHPNCef8Xu2ECh258qpLANZL7sV4L1E2TT+tcs+LXwXSC6oU0Qa1gT3+iY/Gwg/WL0QA1E1XPCBNq32gEDuVglRUEtN109ZgxmTVaytra5Y5O9gm5FSN9OlsuRm/feEUARerq9koRtx9Nme5zWL/2ty8bfaixksoqoacQ8fiicaTmPGysHjxWdAACiR4mGDOmAjPjPtq63Y4NYu6zlxXfpHKSnLQPhjr+rzAWpyYjtL9NIdFeD3elS1lq74QuVC5C/kDSVDGBnnPkms+NZqXyBTuJh5DOfS8+Vv+M1nw4b0l2Xe854FqztNpYSaY6sWBZ+EOUKUV7Gw1JChuimaC7z0U8cJwKWFRAqY+1wyj3/p4gn3cGm81BBIzn1cTrkElubPKVmOR2tr+wo05pzKaYUhIzaDCs7khpeXhkm54dddVn7FISw==
-  template:
-    metadata:
-      creationTimestamp: null
-      name: grafana-oauth
-      namespace: kube-prometheus-stack
-
diff --git a/kube-prometheus-stack/templates/grafana-secrets-sealed.yaml b/kube-prometheus-stack/templates/grafana-secrets-sealed.yaml
index 833b05f..cb6d440 100644
--- a/kube-prometheus-stack/templates/grafana-secrets-sealed.yaml
+++ b/kube-prometheus-stack/templates/grafana-secrets-sealed.yaml
@@ -1,17 +1,95 @@
-apiVersion: bitnami.com/v1alpha1
-kind: SealedSecret
-metadata:
-  creationTimestamp: null
-  name: grafana-admin-credentials
-  namespace: kube-prometheus-stack
-spec:
-  encryptedData:
-    admin-password: AgBJ8Qa8+CHmx8Su56BA/ikKb2nPFyyYkc2LBffuHKwHgeSNI6LfriTIS+UJgaq7fn2q0p/c4RO7jVtNC1q9hCgqNiyqHcHAtr1+j5ByviK1/v8FVjnT4vsdFuadOv9HdFI87sUx18r0n07u9BzH0G1MB6Tuc6M/OQjPGf2GOxW+muLiqO16BzsFu4eQyv3SlYSTH8EtlBhLVIZgF6n0J0da0KLJYwzhMulkMmq89oIg17TtNQTFU1zNgO+s2j2SxbCvS5NhlosMWQe1SdD+WCClsW7hwlqzKNZtYga6wIQjDYtGCGpLlr8X355se2kKzr4toyAnMnigx85dxMBGj9WizgBa28zuTWCR5RuNqFN9S1jvqL4PtXrgeUcic1WxRICYUD4IJ/uxvBTEdoXMlPnTo3qCgFMWVET+haCq27VdqFsa+zdcEBOHfXJffoX/fulit0C4tvyyGaTjRET43VRedICfadSHAOcmLDEe4QGd7Q2EYG4cY9AYPZeA42jCXVN4vOql2Dr2KoJgNmeKdHxiLegUhTeLZQ34YkOZaYvdM7dHesrjV8Eh0cZ72dqXm+uZbfeGlhFcA0lvY96F9R6BlLnuwzyb5HAvAgALymjP4UbDcx6Ux5EAvdZl+vMA6JW9WzwhNMK84WHuKRpFeqIpHL7EJWagcvSCcynRu81B3oWkn3KypAPXJ4jCHg2t5QJ9HurA+piKjJCGfAU=
-    admin-user: AgBq9gHXDVp2f949tDjHC9pBG1YC/YcQcY23HHIKxf7UZRvlwoQwI1Qfc+J1hM8At2UURd8/rsKlp/itaFFpMqxfbNQAtZMzzAUHwpoyhDlOxTUmsX4XSFEZgWbH8tAxy3LeKEnOedx+12hqrPzUgLTMns4GVyEySqQyA6rTAfiohRyqt4MzTdUUs16+L2L3+clDDi5/srt0kfLF9yHSUrMwfGS7KyDBkYk7ppj7TEHHoedxaPI7917L+a15qq4RMLMiBd5cLwGOnncFFT5UiTphc7l9IDa9W6jbTpEt2YS0y/h7RHRU3XDZKaUma1mIloYjHqk96Fr1+2AoDEwlj4gnPX04oeYohnakETMM9yX7wwlBweijMOXdMmT375/k9SkwPFNLmwfXIRAyaBpHIYEsAx1LPFyE2HkUpnawTY3aQ3AYkqDsd/CYWLxbhBymYciPVbjshdUYiluwVn8Prqv8CCC5tjFznKHqZztz65etyhWpkqZDiHkgEmeJySeamvh+LtlkQa0vAxZxO86N3+UDiDCHIhVbjP4kvIxPx3R5jpBkjbwdSdDsHHgyqQons2zCXcXxuq+ie7+iUrXQmbNplK9m8h0SSomYr1Zr0C1FGn1f64iHoVCk+3v9Be5sHDDTUTEiBSa4W01ZDw9oaIfDdPW8KhEm27e/L9DIIEt+jlRSciLGWSvIRU78ZLX4Gl5WkpRgH15u5VL9j+ML
-  template:
-    data: null
-    metadata:
-      creationTimestamp: null
-      name: grafana-admin-credentials
-      namespace: kube-prometheus-stack
+#apiVersion: bitnami.com/v1alpha1
+#kind: SealedSecret
+#metadata:
+#  creationTimestamp: null
+#  name: grafana-admin-credentials
+#  namespace: kube-prometheus-stack
+#spec:
+#  encryptedData:
+#    admin-password: AgBJ8Qa8+CHmx8Su56BA/ikKb2nPFyyYkc2LBffuHKwHgeSNI6LfriTIS+UJgaq7fn2q0p/c4RO7jVtNC1q9hCgqNiyqHcHAtr1+j5ByviK1/v8FVjnT4vsdFuadOv9HdFI87sUx18r0n07u9BzH0G1MB6Tuc6M/OQjPGf2GOxW+muLiqO16BzsFu4eQyv3SlYSTH8EtlBhLVIZgF6n0J0da0KLJYwzhMulkMmq89oIg17TtNQTFU1zNgO+s2j2SxbCvS5NhlosMWQe1SdD+WCClsW7hwlqzKNZtYga6wIQjDYtGCGpLlr8X355se2kKzr4toyAnMnigx85dxMBGj9WizgBa28zuTWCR5RuNqFN9S1jvqL4PtXrgeUcic1WxRICYUD4IJ/uxvBTEdoXMlPnTo3qCgFMWVET+haCq27VdqFsa+zdcEBOHfXJffoX/fulit0C4tvyyGaTjRET43VRedICfadSHAOcmLDEe4QGd7Q2EYG4cY9AYPZeA42jCXVN4vOql2Dr2KoJgNmeKdHxiLegUhTeLZQ34YkOZaYvdM7dHesrjV8Eh0cZ72dqXm+uZbfeGlhFcA0lvY96F9R6BlLnuwzyb5HAvAgALymjP4UbDcx6Ux5EAvdZl+vMA6JW9WzwhNMK84WHuKRpFeqIpHL7EJWagcvSCcynRu81B3oWkn3KypAPXJ4jCHg2t5QJ9HurA+piKjJCGfAU=
+#    admin-user: AgBq9gHXDVp2f949tDjHC9pBG1YC/YcQcY23HHIKxf7UZRvlwoQwI1Qfc+J1hM8At2UURd8/rsKlp/itaFFpMqxfbNQAtZMzzAUHwpoyhDlOxTUmsX4XSFEZgWbH8tAxy3LeKEnOedx+12hqrPzUgLTMns4GVyEySqQyA6rTAfiohRyqt4MzTdUUs16+L2L3+clDDi5/srt0kfLF9yHSUrMwfGS7KyDBkYk7ppj7TEHHoedxaPI7917L+a15qq4RMLMiBd5cLwGOnncFFT5UiTphc7l9IDa9W6jbTpEt2YS0y/h7RHRU3XDZKaUma1mIloYjHqk96Fr1+2AoDEwlj4gnPX04oeYohnakETMM9yX7wwlBweijMOXdMmT375/k9SkwPFNLmwfXIRAyaBpHIYEsAx1LPFyE2HkUpnawTY3aQ3AYkqDsd/CYWLxbhBymYciPVbjshdUYiluwVn8Prqv8CCC5tjFznKHqZztz65etyhWpkqZDiHkgEmeJySeamvh+LtlkQa0vAxZxO86N3+UDiDCHIhVbjP4kvIxPx3R5jpBkjbwdSdDsHHgyqQons2zCXcXxuq+ie7+iUrXQmbNplK9m8h0SSomYr1Zr0C1FGn1f64iHoVCk+3v9Be5sHDDTUTEiBSa4W01ZDw9oaIfDdPW8KhEm27e/L9DIIEt+jlRSciLGWSvIRU78ZLX4Gl5WkpRgH15u5VL9j+ML
+#  template:
+#    data: null
+#    metadata:
+#      creationTimestamp: null
+#      name: grafana-admin-credentials
+#      namespace: kube-prometheus-stack
+#
+#---
+#
+#apiVersion: bitnami.com/v1alpha1
+#kind: SealedSecret
+#metadata:
+#  creationTimestamp: null
+#  name: grafana-oauth
+#  namespace: kube-prometheus-stack
+#spec:
+#  encryptedData:
+#    GF_AUTH_GENERIC_OAUTH_CLIENT_ID: AgB5Z3aF/3kvi4iktWVOdq42KvVKAY1Y0naw9aLQO6jOMwKNrUOz/dzAdwUW8K5z9b36onqRUnCTXDow0OPEpTOyvXJZWA0ex5aOw3tIjzBe8DUym8LGz8lX8y5gsPczNnObeqnI4FwuHObJAweveGbidJp9GscbK0fBq0jIK1vUJY2BFHcp0r5A66BZmWS0rS0W+UYA8TpN4UXOJ9X8bchRVOndECS3SaBNHXTxICUHh2MKvZkBtJCMuY+YnAKL4HKOfmERCMsJHQKwSU31pRwK0NlNk3ps8iO8CNCyMaH0y112yqDIuM7tiwVE0kNvh2zHH4VoyrImZfkq9zhf6l6lQEd2I5ZeiWKi+JTqA1MGGAMPKD+HM5M3ylQTfcFJaiyJ9Az+ZrSb5KtaNeWzutK8xdOTRP7K8g6tUNs/qHZipDnINnmFJujdjw28ACPpWSRs965NYvzOF5hda3e5gjidzglEUpCKbxgh/TXbdsl2ET8FTSXvdE4TYKgSlJcaqoo3nyBLssq5R/79rqSk/2Fm7u6NBzhbP5OoaY5911h1SpJ/DJFoOiaDfSUUOvEW5/fz2iUD0todjh9V2QJlNI3f6/UOgtXsp86yusnbX8SJm3nJW5FunBNSqGsIHPjo76Rd1kjMHMcvTuIFQvG0oxdJrXkGn5c0/RBaNMPlh7grAD/3fGFGXy0fdMMI4UMo+NeVEnq1zPq8sFh9uKvceB6GgXjpmK3J7wkMLU3jrlGbfqr0lW8oGVVP
+#    GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET: AgAa2QBDTlPqBuONHWUFfD18/MMBlCB0VgkxX4OBqsgdaIIOxDvem/TVt7Diueu4RfBOrfozQLTr7joNkuv0Q7WUKK2VS6WyK6xmyn3fM5DbIM6v3qVSwFpkd0u1pbZv/1yg1/YyOOmwZ9s13OFideOeD5ha9aKDGtfwe4RzRv5zV46lpWZtoTfLGn0grgUv7KSZG5IxR+PK0kFeqpCxT5qgHYSWEI3+IW9L6XqVvsBhNt/rRjpnYQ1P1JsP0WxLr4x5Xyo30k0kHWoIJlAVL2TpXN8o6AS/447PY4RT6W+VHx5uEsKtmfWD1YCzbLIuWlqgjDXeaaLiz3y70Br93ZamL3VUk7Lu12K8faZw5ZVaOaV9qn7eW3UPFV33+wvY0QKsrS2AdYVMAwnNK82YhAqIloap5AuaGSXb4FBZxxNSCNdNvd1gTtx0QhekZHPNCef8Xu2ECh258qpLANZL7sV4L1E2TT+tcs+LXwXSC6oU0Qa1gT3+iY/Gwg/WL0QA1E1XPCBNq32gEDuVglRUEtN109ZgxmTVaytra5Y5O9gm5FSN9OlsuRm/feEUARerq9koRtx9Nme5zWL/2ty8bfaixksoqoacQ8fiicaTmPGysHjxWdAACiR4mGDOmAjPjPtq63Y4NYu6zlxXfpHKSnLQPhjr+rzAWpyYjtL9NIdFeD3elS1lq74QuVC5C/kDSVDGBnnPkms+NZqXyBTuJh5DOfS8+Vv+M1nw4b0l2Xe854FqztNpYSaY6sWBZ+EOUKUV7Gw1JChuimaC7z0U8cJwKWFRAqY+1wyj3/p4gn3cGm81BBIzn1cTrkElubPKVmOR2tr+wo05pzKaYUhIzaDCs7khpeXhkm54dddVn7FISw==
+#  template:
+#    metadata:
+#      creationTimestamp: null
+#      name: grafana-oauth
+#      namespace: kube-prometheus-stack
 
+---
+
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: vault-kube-prometheus
+spec:
+  secretStoreRef:
+    name: vault-kube-prometheus
+    kind: SecretStore
+  target:
+    name: grafana-oauth
+  data:
+  - secretKey: GF_AUTH_GENERIC_OAUTH_CLIENT_ID
+    remoteRef:
+      key: kube-prometheus/grafana/oauth
+      property: GF_AUTH_GENERIC_OAUTH_CLIENT_ID
+  - secretKey: GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET
+    remoteRef:
+      key: kube-prometheus/grafana/oauth
+      property: GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET     
+         
+---
+
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: vault-kube-prometheus
+spec:
+  secretStoreRef:
+    name: vault-kube-prometheus
+    kind: SecretStore
+  target:
+    name: grafana-admin-credentials
+  data:
+  - secretKey: admin-password
+    remoteRef:
+      key: kube-prometheus/grafana/admin
+      property: admin-password
+  - secretKey:  admin-user 
+    remoteRef:
+      key: kube-prometheus/grafana/admin
+      property:  admin-user     
+
+---
+
+apiVersion: external-secrets.io/v1beta1
+kind: SecretStore
+metadata:
+  name: vault-kube-prometheus
+spec:
+  provider:
+    vault:
+      server: "http://vault.vault.svc.cluster.local:8200"
+      path: "kube-prometheus"
+      version: "v2"
+      auth:
+        kubernetes:
+          mountPath: "kubernetes"
+          role: "external-secrets"
\ No newline at end of file