Allow FlexVol to use system assigned or user assigned managed identity on VM / VMSS directly without dependency on pod identity. This is preferred in some cases that we want less dependency, especially on a large scale cluster.
Tested on an AKS cluster without aad-pod-identity.
To use managed identity directly, the volume spec will specify:
usevmmanagedidentity: "true" # [OPTIONAL] if not provided, will default to "false"
vmmanagedidentityclientid: "clientid" # [OPTIONAL] use the client id to specify which user assigned managed identity to use, leave empty to use system assigned managed identity
Reason for Change:
Allow FlexVol to use system assigned or user assigned managed identity on VM / VMSS directly without dependency on pod identity. This is preferred in some cases that we want less dependency, especially on a large scale cluster.
Tested on an AKS cluster without aad-pod-identity.
To use managed identity directly, the volume spec will specify:
Issue Fixed:
Notes for Reviewers: