diff --git a/cmd/azure-keyvault-controller/controller/azureKeyVaultSecret.go b/cmd/azure-keyvault-controller/controller/azureKeyVaultSecret.go
index e5e65f51..bf1bdfbe 100644
--- a/cmd/azure-keyvault-controller/controller/azureKeyVaultSecret.go
+++ b/cmd/azure-keyvault-controller/controller/azureKeyVaultSecret.go
@@ -228,15 +228,16 @@ func (c *Controller) syncAzureKeyVault(key string) error {
 
 			klog.InfoS("updating with recent changes from azure key vault", "azurekeyvaultsecret", klog.KObj(akvs), "secret", klog.KRef(akvs.Namespace, akvs.Spec.Output.Secret.Name))
 			existingSecret, err := c.kubeclientset.CoreV1().Secrets(akvs.Namespace).Get(context.TODO(), akvs.Spec.Output.Secret.Name, metav1.GetOptions{})
+			var updatedSecret *corev1.Secret
 			if err != nil {
-				return fmt.Errorf("failed to get existing secret %s, error: %+v", akvs.Spec.Output.Secret.Name, err)
-			}
-
-			updatedSecret, err := createNewSecretFromExisting(akvs, secretValue, existingSecret)
-			if err != nil {
-				return fmt.Errorf("failed to update existing secret %s, error: %+v", akvs.Spec.Output.Secret.Name, err)
+				klog.InfoS("failed to get existing secret %s, error: %+v", akvs.Spec.Output.Secret.Name, err)
+				updatedSecret = createNewSecret(akvs, secretValue)
+			} else {
+				updatedSecret, err = createNewSecretFromExisting(akvs, secretValue, existingSecret)
+				if err != nil {
+					return fmt.Errorf("failed to update existing secret %s, error: %+v", akvs.Spec.Output.Secret.Name, err)
+				}
 			}
-
 			secret, err := c.kubeclientset.CoreV1().Secrets(akvs.Namespace).Update(context.TODO(), updatedSecret, metav1.UpdateOptions{})
 			if err != nil {
 				return fmt.Errorf("failed to update secret, error: %+v", err)