Open david-jarman opened 3 months ago
@david-jarman - thanks for your feedback! We are working on documenting this scenario. I'll follow up here when it is done.
@david-jarman - thanks for your feedback! We are working on documenting this scenario. I'll follow up here when it is done.
Thanks!
Type of issue
Missing information
Feedback
The documentation for attaching and provisioning blob storage in AKS does not give enough information regarding authentication, specifically with MSI auth. It's not clear from the documentation how a user assigned identity is attached to the AKS cluster so it can be used by the CSI driver to access a storage account. I'm not sure if the identity has to be at the VMSS level, kubelet level, or workload identity level.
Please consider adding a section that shows how auth works and how to set up managed identities to be used by the CSI driver, as well as what role-assignments are needed to access the blob storage.
Page URL
https://learn.microsoft.com/en-us/azure/aks/azure-csi-blob-storage-provision?tabs=mount-nfs%2Csecret
Content source URL
https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/aks/azure-csi-blob-storage-provision.md
Author
@tamram
Document Id
68bfe77f-cd0a-2d6e-f014-121e6a0d202e