- Feature Request
- Resolution: Done
- Critical
- None
- openshift-4.16, openshift-4.17
- Improvement
- False
- None
- False
- Not Selected
1. Proposed title of this feature request
Improving the OpenShift installer for Azure Deployments to comply with PCI-DSS/BAFIN regulations.
2. What is the nature and description of the request?
The OpenShift installer utilizes the github.com/hashicorp/terraform-provider-azurerm module, which in versions < 4 has the public_network_access_enabled parameter set to true.
With this RFE we want to ask for either of the two listed options as soon as possible:
- adjust the OpenShift installer to create the resourceStorageAccount [1] as requested with the default set to FALSE
- upgrade the version of the terraform-provider-azurerm module used by the OpenShift installer to 4.x, where this parameter now defaults to FALSE
3. Why does the customer need this? (List the business requirements here)
This security violation blocks using and scaling clusters in public cloud environments for the banking and financial industry, which needs to comply with BAFIN and PCI-DSS regulations.
4. List any affected packages or components.
OpenShift Installer 4.x
Compliance Policy Azure https://learn.microsoft.com/en-us/azure/storage/common/security-controls-policy
- is cloned by: RFE-6451 OpenShift Azure installation PCI-DSS/BAFIN compliance enhancement cross_tenant_replication_enabled=false (Rejected)
- relates to: OCPSTRAT-997 Enable installer-assisted configuration of the internal registry to leverage a private storage endpoint on Azure (Backlog)
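
A pre-apply check for the setting this request is about, as an added example (not code from the OpenShift installer or from the request): it reads Terraform plan JSON in the layout produced by `terraform show -json` and reports every azurerm_storage_account whose public_network_access_enabled is not explicitly false. The resource addresses and names in the sample plan are constructed.

```python
import json

# Constructed sample in the layout of `terraform show -json <planfile>`;
# all addresses and names below are made up for illustration.
SAMPLE_PLAN = json.loads("""
{
  "resource_changes": [
    {"address": "azurerm_storage_account.cluster", "type": "azurerm_storage_account",
     "change": {"actions": ["create"],
                "after": {"name": "clusterexample", "public_network_access_enabled": true}}},
    {"address": "azurerm_storage_account.registry", "type": "azurerm_storage_account",
     "change": {"actions": ["create"],
                "after": {"name": "registryexample", "public_network_access_enabled": false}}},
    {"address": "azurerm_storage_account.legacy", "type": "azurerm_storage_account",
     "change": {"actions": ["update"], "after": {"name": "legacyexample"}}},
    {"address": "azurerm_storage_account.old", "type": "azurerm_storage_account",
     "change": {"actions": ["delete"], "after": null}},
    {"address": "azurerm_resource_group.main", "type": "azurerm_resource_group",
     "change": {"actions": ["create"], "after": {"name": "rg-example"}}}
  ]
}
""")


def find_public_storage_accounts(plan):
    """Return (address, reason) for storage accounts not explicitly private."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "azurerm_storage_account":
            continue
        after = (rc.get("change") or {}).get("after")
        if after is None:  # resource is being destroyed, nothing to audit
            continue
        value = after.get("public_network_access_enabled")
        if value is True:
            findings.append((rc["address"], "public_network_access_enabled=true"))
        elif value is not False:
            # Key absent (for example, value unknown until apply): fail closed.
            findings.append((rc["address"], "public_network_access_enabled not set to false"))
    return findings


if __name__ == "__main__":
    for address, reason in find_public_storage_accounts(SAMPLE_PLAN):
        print(f"FAIL {address}: {reason}")
```
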