[CORS-3862] Remove creation of user-assigned identity - Red Hat Issue Tracker

Type: Story
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Story Points:
2
Blocked:
False
Blocked Reason:
None
Ready:
False
Epic Link:
Azure Identity Refactor
Feature Link:
OCPSTRAT-1916 - Azure - Remove not required permissions from the Nodes
Intelligence Requested:
Market:

Sprint:
Installer Sprint 268

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

We are creating a user-assigned identity in the installer SDK. Testing shows that this identity is unnecessary (and we have a customer case where they would like to backport this). Removing the creation of this identity will simplify the configuration we need to maintain for the Azure & Azure stack install paths.

Acceptance Criteria:

Description of criteria:

No longer creating the identity, clusters still install successfully

Engineering Details:

Originally these identities were used to authenticate the kubelet but now that is handled by credentials requests
https://github.com/openshift/installer/blob/main/pkg/infrastructure/azure/azure.go#L147
When that is removed, the machine manifests would also need to be updated to not expect the user assigned identity

This requires/does not require a design proposal.
This requires/does not require a feature gate.

is depended on by

CORS-3272 Provision Azure Stack Infra with CAPI

In Progress

Assignee:: Unassigned

Reporter:: Patrick Dillon

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2025/01/27 8:27 PM

Updated:: 2025/03/15 12:37 AM

Details

Description

Acceptance Criteria:

Engineering Details:

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates