search

feathr-ai / helm-charts

Apache License 2.0
1 stars 0 forks source link

Added secrets store #16

Open ahlag opened 1 year ago

ahlag commented 1 year ago

Description

Added secrets as environment variables for Feathr that can be managed on Azure Key Vault Resolves https://github.com/feathr-ai/helm-charts/issues/9

How was this PR tested?

Run the following command

helm install <Release Name> ./feathr-online-aks-integration \
    --set pipelineConf=$(cat <absolute path>/pipeline.conf | base64) \
    --set lookup=$(cat <absolute path>/lookup.json | base64) \
    --set userAssignedIdentityID=<User Assigned Identity ID> \
    --set tenantId=<Tenant ID>

User Assigned ID

az aks show -g <resource-group> -n <cluster-name> --query addonProfiles.azureKeyvaultSecretsProvider.identity.clientId -o tsv

To access your key vault, you can use the user-assigned managed identity that you created when you enabled a managed identity on your AKS cluster

Tenant ID screen_shot 2023-04-08 at 0 14 03

Does this PR introduce any user-facing changes?

ahlag commented 1 year ago

@blrchen Could you please check if this architecture is ok? k8s-key-vault drawio (1)