Loading...

XML

Word

Printable

Type: Feature Request
Resolution: Done
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: Installer, RHEL CoreOS
Labels:
- 4.18-candidate
- Azure
- CORS
- UPI
- azure
- ignition
- install
- sb_candidate

Blocked:
False
Ready:
False
Release Note Text:
Undefined
PX Impact Score:
PX Priority Data:
PX Review Complete:
PX Technical Impact:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

1. Proposed title of this feature request
Support for managed identity in Azure to fetch protected assets from Azure Storage

2. What is the nature and description of the request?
Ignition has support for IAM roles in AWS and thus can work with protected assets in AWS S3. Similar/same capabilities are requested/required in Azure, so that user-assigned managed identity would allow to fetch protected assets from Azure Storage

3. Why does the customer need this? (List the business requirements here)
Ignition files, may contain private/critical information about a OpenShift 4 - Cluster and thus are required to be protected, not only via IP access control but actually via Azure Managed Identity capabilities to only allow access for resources that have been authorized.

4. List any affected packages or components.
RHEL CoreOS, Ignition, Installer

is blocked by

OCPSTRAT-506 ARO Managed Identity

Closed

OCPSTRAT-513 Azure managed identity with Azure AD workload identity for self-managed OpenShift

Closed

OCPSTRAT-909 ARO Managed Identity Phase II

Closed

is related to

COS-2859 Add privileged fetching to azure provider

In Progress

Assignee:: Marcos Entenza Garcia

Reporter:: Simon Reber

Need Info From:: Mark Russell

Votes:: 1 Vote for this issue

Watchers:: 16 Start watching this issue

Created:: 2021/04/06 8:11 AM

Updated:: 2024/07/15 4:33 PM

Resolved:: 2023/04/24 11:02 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates