Closed david-garcia-garcia closed 3 months ago
According to docs this is only supported since version 1.30.1
supported from v1.30.1 (from AKS 1.29 with tokenRequests field support in CSIDriver)
workload identity is NOT supported on AKS managed Azure File CSI driver if you are using AKS, please disable the managed Azure File CSI driver by --disable-file-driver first
Looks my whole approach to this was completely wrong.
When trying to create a storage class using the azure-csi-driver (Bring Your Own File Share), if you specify a clientID in order to have federated credentials to authenticate to storage, the following error is shown:
Although this parameter is not part of the inventory for the class:
https://github.com/kubernetes-sigs/azurefile-csi-driver/blob/master/docs/driver-parameters.md
The examples point to this being supported as part of Workload Identity integration:
https://github.com/kubernetes-sigs/azurefile-csi-driver/blob/master/docs/workload-identity-static-pv-mount.md
The version of the CSI driver I am using is: mcr.microsoft.com/oss/kubernetes-csi/azurefile-csi:v1.28.10
What I am trying to achieve is have storage classes that can be used only in some namespaces (using policies):