azure-workload-identity

Add CLI tool for setting up OIDC URL in unmanaged clusters

Open aramase opened this issue 4 years ago • 0 comments

* Setup a storage account
* Create discovery json and upload to .well-known/openid-configuration
* Create keys json and upload to openid/v1/jwks
* E2E testing (pre-release for the tool)
* Unit test coverage
* Document command usage
* This is mostly for unmanaged clusters (AKS-engine)/CAPZ

* Handle rotation of signing key
  * Appending the new key to jwks
  * Removing the new key from jwks after 24h

aramase, Apr 26 '21 18:04
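The two documents named in the issue and the append-then-remove rotation, sketched in Go as an added example; this is not code from the azure-workload-identity project. The function names, the example issuer URL and the `kid` derivation (base64url of the SHA-256 of the DER public key, modelled on how Kubernetes derives key IDs for service account keys) are assumptions; compare the `kid` with the header of a token your API server actually issues before publishing.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/json"
	"math/big"
	"os"
)

type JWK map[string]string // public half of one signing key (RFC 7517)

// Discovery is the body for <issuer>/.well-known/openid-configuration.
// Assumption: issuer is passed without a trailing slash.
func Discovery(issuer string) map[string]any {
	return map[string]any{
		"issuer": issuer, "jwks_uri": issuer + "/openid/v1/jwks",
		"response_types_supported": []string{"id_token"}, "subject_types_supported": []string{"public"},
		"id_token_signing_alg_values_supported": []string{"RS256"},
	}
}

// ToJWK exports only public material; kid = base64url(SHA-256(DER SubjectPublicKeyInfo)).
func ToJWK(pub *rsa.PublicKey) (JWK, error) {
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return nil, err
	}
	sum, enc := sha256.Sum256(der), base64.RawURLEncoding
	return JWK{"use": "sig", "kty": "RSA", "alg": "RS256", "kid": enc.EncodeToString(sum[:]),
		"n": enc.EncodeToString(pub.N.Bytes()), "e": enc.EncodeToString(big.NewInt(int64(pub.E)).Bytes())}, nil
}

// Retire is the removal step: it returns a copy of keys without the given kid.
func Retire(keys []JWK, kid string) (out []JWK) {
	for _, k := range keys {
		if k["kid"] != kid {
			out = append(out, k)
		}
	}
	return out
}

// Rotate is the append step; re-adding a kid that is already published is a no-op.
func Rotate(keys []JWK, k JWK) []JWK { return append(Retire(keys, k["kid"]), k) }

func main() {
	key, _ := rsa.GenerateKey(rand.Reader, 2048) // throwaway demo key
	jwk, _ := ToJWK(&key.PublicKey)
	json.NewEncoder(os.Stdout).Encode([]any{Discovery("https://example.invalid/oidc"), map[string]any{"keys": Rotate(nil, jwk)}})
}
```

Both keys stay in the published set between the append and the removal, so tokens signed by either key verify during the overlap.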