How to make available secrets manager secrets as environmental variables in aws eks

I'm following this guide.
https://docs.aws.amazon.com/secretsmanager/latest/userguide/integrating_csi_driver.html

Using this we can only mount aws secret manager secrets in aws eks

Now applications like Django etc need those secrets as ENVIRONMENTAL VARIABLES. So how do I make available AWS secrets manager secrets in aws eks as pod environmental variables very Securely?

Also for applications which depend on secrets in environmental variables, Is making available sensitive secrets in ENVIRONMENTAL VARIABLES the only secure/advisable option?

Thanks

You can use the Secret Store CSI Driver for Secrets Manager to synchronize secrets in Secrets Manager with Kubernetes Secrets. Once the secrets are stored as Kubernetes secrets you can consume them as environment variables or mounts. It's "safer" to consume them as mounts because environment variables can leak in logs, configuration, etc. See https://secrets-store-csi-driver.sigs.k8s.io/topics/sync-as-kubernetes-secret.html and https://aws.amazon.com/blogs/security/how-to-use-aws-secrets-configuration-provider-with-kubernetes-secrets-store-csi-driver/ for additional information on how to configure the driver. If you don't want to use the CSI driver, you can use https://external-secrets.io/v0.8.1/.