Uploaded image for project: 'OpenShift Storage'
  1. OpenShift Storage
  2. STOR-1072

Azure Disk support for managed identities

    XMLWordPrintable

Details

    • Azure Disk support for managed identities
    • True
    • False
    • OCPBU-8Azure Managed Identity
    • Not Selected
    • To Do
    • OCPBU-8 - Azure Managed Identity
    • QE Needed, Docs Needed, TE Needed, Customer Facing, PX Needed
    • 0
    • 0% 0%

    Description

      Epic Overview

      There is a general effort to support Azure Managed Identities in OCP.

      • Enable customers to create and manage OpenShift clusters using managed identities for Azure resources (a.k.a. Managed Service Identity or MSI) for authentication.
      • A customer using ARO wants to spin up an OpenShift cluster with "az aro create" without needing additional input, i.e. without the need for an AD account or service principal credentials, and the identity used is never visible to the customer and cannot appear in the cluster.

      The epic tracks the work required in Azure Disk Operator to support Azure Managed Identities.

      Requirements

      • Add support to Azure Disk Operator for the Installation and Upgrade using both UPI and IPI methods with managed identities for Azure resources / Managed Service Identity (MSI).
      • Support for HyperShift and non-HyperShift clusters.

      Attachments

        Issue Links

          is duplicated by

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. CCO-324 Update azure-disk-csi-driver-operator to consume Azure workload identity tokens

          • Undefined - Priority not specified.
          • To Do
          is related to

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. CORS-1888 Support for Azure Managed Identities for new OpenShift deployments

          • Critical - To be worked on immediately following BLOCKER issues.
          • New

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. CCO-187 Azure Managed Identity (Workload Identity) Support

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Planning

          Activity

            People

              rbednar@redhat.com Roman Bednar
              rh-gs-gcharot Gregory Charot
              Wei Duan Wei Duan
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:

                Time Tracking

                  Estimated:
                  Original Estimate - 2 weeks
                  2w
                  Remaining:
                  Remaining Estimate - 2 weeks
                  2w
                  Logged:
                  Time Spent - Not Specified
                  Not Specified