-
Bug
-
Resolution: Done-Errata
-
Critical
-
4.14.0
-
No
-
False
-
This is a clone of issue OCPBUGS-29956. The following is the description of the original issue:
—
Description of problem:
CredentialsRequest for Azure AD workload identity contains unnecessary permissions under `virtualMachines/extensions`. Specifically write and delete.
Version-Release number of selected component (if applicable):
4.14.0+
How reproducible:
Every time
Steps to Reproduce:
1. Create a cluster without the CredentialsRequest permissions mentioned 2. Scale machineset 3. See no permission errors
Actual results:
We have unnecessary permissions, but still no errors
Expected results:
Still no permission errors after removal.
Additional info:
RHCOS doesn't leverage virtual machine extensions. It appears as though the code path is dead.
- blocks
-
OCPBUGS-30898 Azure MAO CredentialsRequest Contains Unnecessary virtualMachines/extensions Permissions
- Closed
- clones
-
OCPBUGS-29956 Azure MAO CredentialsRequest Contains Unnecessary virtualMachines/extensions Permissions
- Closed
- is blocked by
-
OCPBUGS-29956 Azure MAO CredentialsRequest Contains Unnecessary virtualMachines/extensions Permissions
- Closed
- is cloned by
-
OCPBUGS-30898 Azure MAO CredentialsRequest Contains Unnecessary virtualMachines/extensions Permissions
- Closed
- links to
-
RHBA-2024:1770 OpenShift Container Platform 4.15.z bug fix update