diff --git a/pgweb/kustomization.yaml b/pgweb/kustomization.yaml
index cc2594b..7a8d974 100644
--- a/pgweb/kustomization.yaml
+++ b/pgweb/kustomization.yaml
@@ -2,7 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - deployment.yaml
-- vault/serviceaccount.yaml
-- vault/secretstore.yaml
 - vault/pgweb-secret.yaml
 - ingress.yaml
diff --git a/pgweb/vault/pgweb-secret.yaml b/pgweb/vault/pgweb-secret.yaml
index d46f508..060c62a 100644
--- a/pgweb/vault/pgweb-secret.yaml
+++ b/pgweb/vault/pgweb-secret.yaml
@@ -6,7 +6,7 @@ metadata:
 spec:
   refreshInterval: 1h
   secretStoreRef:
-    kind: SecretStore
+    kind: ClusterSecretStore
     name: vault-backend
   target:
     name: pgweb-password
diff --git a/pgweb/vault/secretstore.yaml b/pgweb/vault/secretstore.yaml
deleted file mode 100644
index 4d8fede..0000000
--- a/pgweb/vault/secretstore.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-apiVersion: external-secrets.io/v1
-kind: SecretStore
-metadata:
-  name: vault-backend
-  namespace: pgweb
-spec:
-  provider:
-    vault:
-      server: http://vault.vault.svc.cluster.local:8200
-      path: secret
-      version: v2
-      auth:
-        kubernetes:
-          mountPath: kubernetes
-          role: pgweb
-          serviceAccountRef:
-            name: external-secrets
diff --git a/pgweb/vault/serviceaccount.yaml b/pgweb/vault/serviceaccount.yaml
deleted file mode 100644
index 94703eb..0000000
--- a/pgweb/vault/serviceaccount.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: external-secrets
-  namespace: pgweb