Azure / azure-workload-identity

Azure AD Workload Identity uses Kubernetes primitives to associate managed identities for Azure resources and identities in Azure Active Directory (AAD) with pods.
https://azure.github.io/azure-workload-identity
MIT License
298 stars 94 forks source link
aad azure federated-identity kubernetes oidc workload-identity

Azure AD Workload Identity

Build Status OpenSSF Scorecard

Azure AD Workload Identity is the next iteration of Azure AD Pod Identity that enables Kubernetes applications to access Azure cloud resources securely with Azure Active Directory based on annotated service accounts.

Kubernetes Version Supported
1.31
1.30
1.29
1.28

Installation

Check out the installation guide on how to deploy the Azure AD Workload Identity webhook.

Quick Start

Check out the Azure AD Workload Identity Quick Start on how to securely access Azure cloud resources from your Kubernetes workload using the Microsoft Authentication Library (MSAL).

Code of Conduct

This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Release

Currently, Azure Workload Identity releases on a monthly basis, targeting the last week of the month.

Support

Azure AD Workload Identity is an open source project that is not covered by the Microsoft Azure support policy. Please search open issues here, and if your issue isn't already represented please open a new one. The project maintainers will respond to the best of their abilities.