shiftavenue / azure-clientid-syncer

This webhook syncs federated identity credentials from Azure for a Kubernetes cluster. Every time a Kubernetes service account with a specific label is created, the webhook queries Azure Managed Identities to fetch the client ID and tenant ID, and patches these values into the service account.
MIT License

Extend functionality to sync by service account name to SPCs #7

Closed wenzel-felix closed 9 months ago

wenzel-felix commented 9 months ago

https://azure.github.io/secrets-store-csi-driver-provider-azure/docs/configurations/identity-access-modes/workload-identity-mode/

wenzel-felix commented 9 months ago

https://pkg.go.dev/sigs.k8s.io/secrets-store-csi-driver@v1.4.1/apis/v1#SecretProviderClass

wenzel-felix commented 9 months ago

This will not be implemented - rather waiting for Azure to implement the same workflow as AWS and GCP, meaning they get the client ID data directly from the service account. https://github.com/Azure/secrets-store-csi-driver-provider-azure/issues/1316