-
Epic
-
Resolution: Unresolved
-
Major
-
None
-
None
-
Azure workload identity Service Account Signer Key Rotation
-
False
-
None
-
False
-
Not Selected
-
To Do
-
OCPSTRAT-1727 - Signing keys rotation with Openshift Azure Entra Workload ID enabled clusters
-
OCPSTRAT-1727Signing keys rotation with Openshift Azure Entra Workload ID enabled clusters
-
75% To Do, 25% In Progress, 0% Done
As an OpenShift Administrator, I need to ensure that I rotate signing keys for self-managed Openshift Azure Entra Workload ID enabled clusters to comply with PCI-DSS v4 (see #8 on life cycle management) and NIST (see PCI “Tokenization Product Security Guidelines”) rules.
Enable support for rotating service account signer keys for OIDC issuer for customers who configure Azure ManualMode w/ workload identity option.