Uploaded image for project: 'OpenShift Storage'
  1. OpenShift Storage
  2. STOR-1072

Azure Disk support for managed identities

    XMLWordPrintable

Details

    • Azure Disk support for managed identities
    • 2
    • False
    • False
    • Green
    • To Do
    • OCPSTRAT-506 - ARO Managed Identity
    • OCPSTRAT-506ARO Managed Identity
    • 100
    • 100% 100%
    • Approved

    Description

      Epic Overview

      There is a general effort to support Azure Managed Identities in OCP.

      • Enable customers to create and manage OpenShift clusters using managed identities for Azure resources (a.k.a. Managed Service Identity or MSI) for authentication.
      • A customer using ARO wants to spin up an OpenShift cluster with "az aro create" without needing additional input, i.e. without the need for an AD account or service principal credentials, and the identity used is never visible to the customer and cannot appear in the cluster.

      The epic tracks the work required in Azure Disk Operator to support Azure Managed Identities.

      Requirements

      • Add support to Azure Disk Operator for the Installation and Upgrade using both UPI and IPI methods with managed identities for Azure resources / Managed Service Identity (MSI).
      • Support for HyperShift and non-HyperShift clusters.

      Attachments

        Issue Links

          is blocked by

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. CCO-324 Update azure-disk-csi-driver-operator to consume Azure workload identity tokens

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed
          is related to

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. CORS-1888 Support for Azure Managed Identities for new OpenShift deployments

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Release Pending

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. CCO-187 Azure Managed Identity (Workload Identity) Support

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. STOR-1144 Review cluster-storage-operator to consume Azure workload identity tokens

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed
          relates to

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. CCO-282 Azure OpenShift role granularity for Azure managed identity

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Release Pending
          There are no Sub-Tasks for this issue.

          Activity

            People

              rbednar@redhat.com Roman Bednar
              rh-gs-gcharot Gregory Charot
              Wei Duan Wei Duan
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - 2 weeks
                  2w
                  Remaining:
                  0m
                  Logged:
                  Time Not Required
                  Not Specified