Pod Identity using kubenet #12452
@michelefa1988 as you can see, this resource is reverted. So Terraform does not contain this functionality currently. The reason is this feature is in preview and, according to the AKS team, the current design will be deprecated soon and a new design will be drafted. After that, we will support this feature in Terraform.
@njuCZ what is the best way to set up AKS pod identity with Terraform at the moment? Is there any such documentation you can point me to? I just need a pod to have an assigned identity so that it can access Azure Key Vault. Thanks
@michelefa1988 sorry, for now I don't know how to do it either.
Support for this is being tracked in #9885 - please subscribe to that issue for updates.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
I am trying to set up pod identity on an AKS cluster using Terraform. The cluster uses kubenet networking. My goal is that, using Terraform, I can create a number of identities and assign these identities to pods via arguments.
To me this would be more secure than creating a service principal (inc. clientid/password) which I am able to use to connect to Azure resources (e.g. DNS zone).
What I am trying to achieve is something similar to https://docs.microsoft.com/en-us/azure/aks/use-azure-ad-pod-identity.
Can you point me in the right direction for enabling this with terraform? I see that something similar has been merged recently (https://github.com/terraform-providers/terraform-provider-azurerm/pull/12225/files#) but I cannot find any mention of it in the documentation.
If there is another (completely different) approach which I am missing out, let me know - I am open to new suggestions.
Thanks in advance.
Best Regards,
Michele