When you are setting up mutli-cluster Istio, you need to manually create an Istio remote secret for every cluster you add in order to give istiod access to the API server of the other clusters. In a multi-primary setup, this is n * n-1 secrets which doesn't scale. These secrets ideally would also be rotated periodically. Doing this without automation is time consuming and error prone.

We need some automation in place to help users more easily manage their remote secrets. This may tie into automation that ACM already has in place for managing remote secrets in clusters.