Loading...

XML

Word

Printable

Type: Epic
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: None
Labels:

Epic Name:
Azure workload identity Service Account Signer Key Rotation
Blocked:
False
Blocked Reason:
None
Ready:
False
Color Status:
Not Selected
Epic Status:
To Do
Feature Link:
OCPSTRAT-1727 - Signing keys rotation with Openshift Azure Entra Workload ID enabled clusters
Parent Link:
OCPSTRAT-1727Signing keys rotation with Openshift Azure Entra Workload ID enabled clusters
Hierarchy Progress Bar:

75% To Do, 0% In Progress, 25% Done
Size:
S

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Intelligence Requested:
Market:

As an OpenShift Administrator, I need to ensure that I rotate signing keys for self-managed short-term credentials enabled clusters (Openshift Azure Entra Workload ID, GCP Workload Identity, AWS STS) to comply with PCI-DSS v4 (see #8 on life cycle management) and NIST (see PCI “Tokenization Product Security Guidelines”) rules.

is duplicated by

CCO-494 [Spike] Document how to rotate service accounts on GCP

Closed

CCO-578 AWS STS Service Account Signer Key Rotation

Closed

links to

https://access.redhat.com/articles/regenerating_cluster_certificates

https://github.com/abutcher/sa-key-rotation

Assignee:: Jeremiah Stuever

Reporter:: Jeremiah Stuever

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2024/10/23 8:57 PM

Updated:: 2024/11/21 8:05 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates