-
Feature Request
-
Resolution: Unresolved
-
Major
-
None
-
None
-
None
-
None
-
Product / Portfolio Work
-
None
-
False
-
-
None
-
None
-
None
-
-
None
-
-
None
-
None
-
None
1. Proposed title of this feature request
Add WIF support to external DNS operator to be used on GCP setups
2. What is the problem that your customer is facing?
All cluster (GCP) enabled services are required to make use of WIF authentication. Without this functionality, we won't be allowed and able to use the external DNS operator.
3. What is the nature and description of the request?
Our cloud-team managing the GCP environment applied policies to only allow WIF enabled connections to GCP services. The external DNS operator would allow us to to dynamically create DNS entries for services running on OpenShift - this is currently not possible due to WIF requirements by the regulations.
4. What are your expectations for this feature //Please add any requirements you may have so that we are able to deliver what you need
The external DNS operator should make use of WIF authentication (https://cloud.google.com/iam/docs/workload-identity-federation) in order to deal with compliance policies applied to GCP environments.
5. Why does the customer need this? (List the business requirements here)
OpenShift clusters running on a shared VPC with regulations applied have to use WIF for every service on GCP.
6. What is the business impact, if any, if this request will not be made available?
Currently all specific DNS records for service running on OpenShift on GCP will have to be created manually.
7. List any affected packages or components.
External DNS operator
- links to
