Open akevin-ms opened 1 year ago
Action required from @Azure/aks-pm
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Issue needing attention of @Azure/aks-leads
Is your feature request related to a problem? Please describe. On Keda-add on specifically on the KEDA operator deployment, There is concern from clusterRole given to much access including on giving access to cluster wide secret. This is known issue and therefore has been given an option on the vanilla KEDA where user can supply the KEDA_RESTRIC_SECRET_ACCESS during helm deployment and therefore limit the clusterRole access given to the KEDA operator. While in AKS it's not possible to do with KEDA addon since we don't have access to HELM deployment
Describe the solution you'd like A configurable KEDA_RESTRIC_SECRET_ACCESS env parameter to be able to limit the KEDA Operator clusterRole access as required
Describe alternatives you've considered Perhaps would be better if we can put the config in template as well or configurable from AKS ui via Azure Portal
Additional context Here is the access that was mention on the KEDA vanilla github
Here is the snippet of the code that can configure whether secret can be accessible or not