You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/aks/workload-identity-migrate-from-pod-identity.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,7 +3,7 @@ title: Migrate your Azure Kubernetes Service (AKS) pod to use workload identity
3
3
description: In this Azure Kubernetes Service (AKS) article, you learn how to configure your Azure Kubernetes Service pod to authenticate with workload identity.
4
4
ms.topic: article
5
5
ms.custom: devx-track-azurecli, devx-track-linux
6
-
ms.date: 07/26/2023
6
+
ms.date: 07/31/2023
7
7
---
8
8
9
9
# Migrate from pod managed-identity to workload identity
@@ -37,16 +37,16 @@ If your cluster is already using the latest version of the Azure Identity SDK, p
37
37
38
38
If your cluster isn't using the latest version of the Azure Identity SDK, you have two options:
39
39
40
-
- You can use a migration sidecar that we provide within your Linux applications, which proxies the IMDS transactions your application makes over to [OpenID Connect][openid-connect-overview] (OIDC). The migration sidecar isn't intended to be a long-term solution, but a way to get up and running quickly on workload identity. Perform the following steps to:
40
+
- You can use a migration sidecar that we provide within your Linux applications, which proxies the IMDS transactions your application makes over to [OpenID Connect][openid-connect-overview] (OIDC). The migration sidecar isn't intended to be a long-term solution, but a way to get up and running quickly on workload identity. Perform the following steps to:
41
41
42
42
-[Deploy the workload with migration sidecar](#deploy-the-workload-with-migration-sidecar) to proxy the application IMDS transactions.
43
43
- Verify the authentication transactions are completing successfully.
44
44
- Schedule the work for the applications to update there SDK's to a supported version.
45
45
- Once the SDK's are updated to the supported version, you can remove the proxy sidecar and redeploy the application.
46
46
47
47
> [!NOTE]
48
-
> The migration sidecar is **not supported for production use**. This feature is meant to give you time to migrate your application SDK's to a supported version, and not meant or intended to be a long-term solution.
49
-
> The migration sidecar is only for Linux containers as pod-managed identities was available on Linux node pools only.
48
+
> The migration sidecar is **not supported for production use**. This feature is meant to give you time to migrate your application SDK's to a supported version, and not meant or intended to be a long-term solution.
49
+
> The migration sidecar is only available for Linux containers, due to only providing pod-managed identities with Linux node pools.
50
50
51
51
- Rewrite your application to support the latest version of the [Azure Identity][azure-identity-supported-versions] client library. Afterwards, perform the following steps:
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments