How to disable shared access key in all Azure storage accounts and use the Azure managed Identity ?

Solution Unverified - Updated -

Issue

For Azure deployments, the current installer asks for Service Principal permissions to create storage accounts.

  • To disable shared access key in all Azure storage accounts and to use the Azure-managed Identity in the IPI installer.
  • To replace the Image registry storage account shared access key with an Azure-managed Identity in the IPI installer.
  • To replace the azurefile-csi shared access key which is used to mount the PVs with Azure-managed Identity in the IPI installer.
  • To pass predefined user accounts to the IPI installer instead of the installer creating them.

Environment

  • Red Hat OpenShift Container Platform
    • 4.x
  • Azure Red Hat OpenShift (ARO)
  • Installer-provisioned Infrastructure (IPI)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content