Chad Kittel
Chad Kittel
The OIDC Issuer feature needs to be enabled on the cluster for this to work. That work is being spiked out in #274
OIDC Issuer is included in the implementation now, that's the first part of this feature.
While we could move to workload identities now, we'd have to create the app registration in Azure AD by hand. I'm thinking it'll make more sense to wait until managed...
We are tracking development of workload identity, with user managed identity support, closely. A lot is still "in flight" at the moment, but we took the time to explore the...
This is now complete with the work done in #326, which has been merged.
@teilmeier -- thanks for jump starting this effort with your examples that we were able to reference. We've completed the main file migration in #302. The next phase is modularizing...
Going to leave the modular approach to the AKS Baseline automation repo. (recently referenced in #348)
@teilmeier -- planned maintenance now happens at the Azure planned maintenance level. Would you like to revisit this now?
I think adding guidance around consuming CARML as a git submodule is a great idea. You're basically looking at something like the following. _from within in your target (consuming) repo_...
We are holding on this because there are so many updates happening to rule groups, ip groups, etc that the firewall is constantly throwing a CONFLICT error on deployment due...