Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-1773

Support for managed identity in Azure to fetch protected assets from Azure Storage

    XMLWordPrintable

Details

    • False
    • False
    • 0
    • 0% 0%
    • Undefined

    Description

      1. Proposed title of this feature request
      Support for managed identity in Azure to fetch protected assets from Azure Storage

      2. What is the nature and description of the request?
      Ignition has support for IAM roles in AWS and thus can work with protected assets in AWS S3. Similar/same capabilities are requested/required in Azure, so that user-assigned managed identity would allow to fetch protected assets from Azure Storage

      3. Why does the customer need this? (List the business requirements here)
      Ignition files, may contain private/critical information about a OpenShift 4 - Cluster and thus are required to be protected, not only via IP access control but actually via Azure Managed Identity capabilities to only allow access for resources that have been authorized.

      4. List any affected packages or components.
      RHEL CoreOS, Ignition, Installer

      Attachments

        Issue Links

          is blocked by

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. OCPSTRAT-506 ARO Managed Identity

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. OCPSTRAT-513 Azure managed identity with Azure AD workload identity for self-managed OpenShift

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Feature - Capability or a well-defined set of functionality that delivers business value. Features can include additions or changes to existing functionality. Features can easily span multiple teams, and potentially multiple releases. OCPSTRAT-909 ARO Managed Identity Phase II

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              mak.redhat.com Marcos Entenza Garcia
              rhn-support-sreber Simon Reber
              Votes:
              1 Vote for this issue
              Watchers:
              14 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: