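function Reset-MinikubeSecrets {
    <#
    .SYNOPSIS
        Resets secrets used in the local service development environment
    .DESCRIPTION
        Resets secrets used in the local service development environment:
        aws access key, ecr access key, kerberos ticket.

        Steps, in order:
          1. Switch kubectl to the minikube context (aborts if that fails).
          2. Refresh the AWS session and log docker in to the ECR registries.
          3. Recreate the awsecr-cred image pull secret in namespace localhost.
          4. Recreate the aws-config config map from the temporary AWS profile.
          5. Purge and renew the Kerberos ticket, then recreate kerberos-config.
    .PARAMETER AwsProfile
        [string] Will use the specified AWS profile when refreshing AWS credentials
    .EXAMPLE
        Reset-MinikubeSecrets -AwsProfile SRE
    #>
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $false)]
        [string]$AwsProfile = "Dev"
    )

    $ErrorActionPreference = "Stop"
    $logLead = (Get-LogLeadName)
    $tempAwsProfile = "temp-$AwsProfile".ToLower()
    $ecrRegistries = @(
        "327695573722.dkr.ecr.us-east-1.amazonaws.com",
        "790953160341.dkr.ecr.us-east-1.amazonaws.com"
    )

    Write-Host "$logLead : Verifying kube context..."
    kubectl config use-context minikube
    # A non-zero exit from a native executable does not by default raise a
    # terminating error, so check it explicitly: every delete/create below acts
    # on whatever context is current, and that must be minikube.
    if ($LASTEXITCODE -ne 0) {
        throw "$logLead : Could not switch kubectl to the minikube context; aborting before any secret is changed."
    }

    Write-Host "$logLead : Refreshing aws session with profile: $tempAwsProfile..."
    Update-AWSProfile -Profile $AwsProfile
    $AWS_ECR_LOGIN = aws ecr get-login-password --region us-east-1 --profile $tempAwsProfile
    if ($LASTEXITCODE -ne 0 -or [string]::IsNullOrWhiteSpace($AWS_ECR_LOGIN)) {
        throw "$logLead : Could not obtain an ECR login password for profile: $tempAwsProfile."
    }

    foreach ($registry in $ecrRegistries) {
        # --password-stdin keeps the token out of the process command line,
        # where other local processes and command-line auditing could read it.
        $AWS_ECR_LOGIN | docker login --username AWS --password-stdin $registry
        if ($LASTEXITCODE -ne 0) {
            throw "$logLead : docker login failed for $registry."
        }
    }

    Write-Host "$logLead : Re-Mounting docker credentials for ECR access..."
    $DOCKER_AWS_AUTH = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("AWS:$AWS_ECR_LOGIN"))
    $auths = [ordered]@{}
    foreach ($registry in $ecrRegistries) {
        $auths[$registry] = @{ auth = $DOCKER_AWS_AUTH }
    }
    $DOCKER_CONFIG_JSON = @{ auths = $auths } | ConvertTo-Json -Depth 3

    # The docker config holds a live registry credential: write it to a temp
    # file instead of the current directory (which may be a source checkout)
    # and remove it even when a later step throws.
    $dockerConfigPath = [System.IO.Path]::GetTempFileName()
    try {
        $DOCKER_CONFIG_JSON | Out-File -FilePath $dockerConfigPath -Encoding Ascii

        if (kubectl get secret awsecr-cred -n localhost --ignore-not-found --output=yaml) {
            Write-Host "$logLead : Deleting existing Kubernetes ECR access secret: awsecr-cred..."
            kubectl delete secret awsecr-cred -n localhost
        }

        Write-Host "$logLead : Creating Kubernetes ECR access secret: awsecr-cred..."
        kubectl create secret generic awsecr-cred -n localhost "--from-file=.dockerconfigjson=$dockerConfigPath" --type=kubernetes.io/dockerconfigjson
    }
    finally {
        if (Test-Path -LiteralPath $dockerConfigPath) {
            Remove-Item -LiteralPath $dockerConfigPath -Force
        }
    }

    Write-Host "$logLead : Re-Mounting config map for AWS resource access..."
    $AWS_ACCESS_KEY_ID = aws configure get aws_access_key_id --profile $tempAwsProfile
    $AWS_SECRET_ACCESS_KEY = aws configure get aws_secret_access_key --profile $tempAwsProfile
    $AWS_SESSION_TOKEN = aws configure get aws_session_token --profile $tempAwsProfile

    if (kubectl get configmap aws-config -n localhost --ignore-not-found --output=yaml) {
        Write-Host "$logLead : Deleting existing Kubernetes AWS access config map: aws-config..."
        kubectl delete configmap aws-config -n localhost
    }

    # NOTE(review): these are credentials, yet they are stored in a ConfigMap
    # (not meant for confidential data) and passed as command-line arguments.
    # A Secret populated from a file would fit better; the object kind and name
    # are left as they are because workloads presumably reference aws-config -
    # confirm with the consuming manifests before changing.
    Write-Host "$logLead : Creating Kubernetes AWS access config map: aws-config..."
    kubectl create configmap aws-config -n localhost --from-literal=AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID --from-literal=AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY --from-literal=AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN

    Write-Host "$logLead : Re-Mounting Kerberos ticket for database access..."
    Write-Host "$logLead : Purging existing Kerberos tickets..."
    klist purge

    Write-Host "$logLead : Obtaining new Kerberos ticket..."
    kinit

    if (kubectl get configmap kerberos-config -n localhost --ignore-not-found --output=yaml) {
        Write-Host "$logLead : Deleting existing Kerberos ticket config map: kerberos-config..."
        kubectl delete configmap kerberos-config -n localhost
    }

    # NOTE(review): the whole Kerberos5 directory is loaded into a ConfigMap;
    # if it contains the ticket cache, that is credential material as well -
    # verify what the directory holds and whether a Secret is more appropriate.
    Write-Host "$logLead : Creating Kerberos ticket config map: kerberos-config..."
    kubectl create configmap kerberos-config -n localhost --from-file=c:\ProgramData\MIT\Kerberos5\
}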