aad-pod-identity is no longer supported & K8S namespace does not enforce restricted policy in Azure

OWASP / wrongsecrets

Vulnerable app with examples showing how to not use secrets

https://owasp.org/www-project-wrongsecrets/

GNU Affero General Public License v3.0

1.21k stars 341 forks source link

aad-pod-identity is no longer supported & K8S namespace does not enforce restricted policy in Azure #670

Open commjoen opened 1 year ago

commjoen commented 1 year ago

In order to complete the migration to Kubernetes 1.25 on AKS and enforce the restricted psa in the default namespace, we need to migrate from aad-pod-identity to https://azure.github.io/azure-workload-identity/docs/

Issue is caused by #652 #646

Please note that: if you want to pick up this issue, you have to have experience with:

terraform
helm
Azure AKS
Azure workload identity

osamamagdy commented 1 year ago

I can start working on this this weekend if you can assign it to me

commjoen commented 1 year ago

Thank you for volunteering on this! Assigned! HAve a great day!

commjoen commented 11 months ago

Hi @osamamagdy , do you have any updates on this :) ?

osamamagdy commented 11 months ago

Still working on it. Got busy with the GSoC work.