How to protect against the confused deputy problem?

[yann-soubeyrand]

Hello,

We’re using Sops in multi-tenant environments (https://dev.to/camptocamp-ops/argo-cd-secrets-management-using-sops-1eke), but, unless I’m mistaken, we’re vulnerable to the confused deputy problem, where one tenant can trick the system running Sops into decrypting another tenant’s encrypted file.

If I understand correctly, authenticated encryption with associated data (for example using AWS KMS security context) could protect us. However, there seems to be no way to pass the security context to Sops at decryption time, and relying on the security context in the encrypted file fails at protecting us against the confused deputy problem.

Am I missing something here?