Loading...

XML

Word

Printable

Details

Type: Epic
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
- hypershif
- hypershift-qe

Epic Name:
Secret encryption
Blocked:
False
Blocked Reason:
None
Ready:
False
Color Status:
Not Selected
Epic Status:
To Do
Feature Link:
OCPSTRAT-980 - Enforce Data/Secret Encryption for the Control-Planes, Etcd, and Nodes
Parent Link:
OCPSTRAT-980Enforce Data/Secret Encryption for the Control-Planes, Etcd, and Nodes
Hierarchy Progress:
32
Hierarchy Progress Bar:

32% 32%

Sprint:
Hypershift Sprint 245, Hypershift Sprint 246, Hypershift Sprint 247
Cost of Delay:
0
WSJF:
0
Risk Score:
0

SFDC Cases Links:
SFDC Cases Counter:

Description

User Story:

As a service provider/consumer I want to make sure secrets are encrypted with key owned by the consumer

Acceptance Criteria:

Expose and propagate input for kms secret encryption similar to what we do in AWS.

https://github.com/openshift/hypershift/blob/90aa44d064f6fe476ba4a3f25973768cbdf05eb5/api/v1beta1/hostedcluster_types.go#L1765-L1790

See related discussion:

https://redhat-internal.slack.com/archives/CCV9YF9PD/p1696950850685729

(optional) Out of Scope:

Detail about what is specifically not being delivered in the story

Engineering Details:

(optional) https://github/com/link.to.enhancement/
(optional) https://issues.redhat.com/link.to.spike
Engineering detail 1
Engineering detail 2

This requires/does not require a design proposal.
This requires/does not require a feature gate.

Attachments

Issue Links

links to

openshift/hypershift#3183: HOSTEDCP-1234: Add KMS support on Azure clusters using Azure Key Vault

mentioned on

Merge request - Bump IBM integration to our latest prod image.

Activity

People

Assignee:: Mulham Raee

Reporter:: Alberto Garcia Lamela

QA Contact:: Jie Zhao

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2023/10/10 2:58 PM

Updated:: 2024/04/23 1:20 PM