Azure Workload Identity Support #1152
Comments
|
Sure, let me pick it up! :) |
|
Hola @ericksod! I've picked up the issue, but I'm a bit unsure how to properly test it. I'm a bit rusty with Yarn and Typescript. I do have an Azure environment where I can deploy it. I'll check later on the build, if you already have some feedback, let me know. This should be it, can you give some feedback? #1158 |
|
Any news regarding this issue? I could check out the branch and test it on my Azure tenant, if required. |
Thanks for checking in on this, @lukibahr! This issue should be closed as it was resolved with the merging of #1158. Additional support for Managed Identity has been recently added with #1330 and will be included in the next release |
Discussed in #1148
Perhaps it would be a good idea to start implementing Azure Workload Identity support, which is in line with future development of authentication between k8s resources and cloud resources, not only for Azure. This will also make future implementations much more secure since you do not have to worry about passing around client secrets for a user/spn that potentially has a lot of permissions within the cloud. Therefore, a huge win for security, and thus for future adoption. 😄
I believe we can achieve it by extending https://github.com/cloud-carbon-footprint/cloud-carbon-footprint/blob/trunk/packages/azure/src/application/AzureCredentialsProvider.ts in this fashion https://github.com/Azure/azure-workload-identity/blob/main/examples/azure-identity/node/index.js, shall I pick it up?
The text was updated successfully, but these errors were encountered: