Skip to content

Commit d6489ea

Browse files
MGoedtelMGoedtel
committed
updated summarized steps for migration scenarios
1 parent 8199c21 commit d6489ea

File tree

1 file changed

+5
-5
lines changed

1 file changed

+5
-5
lines changed

articles/aks/workload-identity-migrate-from-pod-identity.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -20,11 +20,11 @@ This article focuses on pod-managed identity migration to Azure Active Directory
2020

2121
This section explains the migration options available depending on what version of the Azure Identity SDK is installed.
2222

23-
For either scenario, you need to have the federated trust setup before you update your application to use the workload identity. The following are the minimum steps required:
23+
For either scenario, you need to have the federated trust set up before you update your application to use the workload identity. The following are the minimum steps required:
2424

25-
- [Create a kubernetes service account](#create-kubernetes-service-account) if you don't have one already dedicated to the application.
26-
- [Create a federated identity](#establish-federated-identity-credential) credential.
27-
- Associate the federated identity with the managed identity already used for the pod-manged identity or [create a new managed identity](#create-a-managed-identity) and then associate it with the federated identity.
25+
- [Create a managed identity](#create-a-managed-identity) credential.
26+
- Associate the managed identity with the kubernetes service account already used for the pod-manged identity or [create a new kubernetes service account](#create-kubernetes-service-account) and then associate it with the managed identity.
27+
- [Establish a federated trust relationship](#establish-federated-identity-credential-trust) between the managed identity and Azure AD.
2828

2929
### Migrate from latest version
3030

@@ -103,7 +103,7 @@ The following output resembles successful creation of the identity:
103103
Serviceaccount/workload-identity-sa created
104104
```
105105

106-
## Establish federated identity credential
106+
## Establish federated identity credential trust
107107

108108
Use the [az identity federated-credential create][az-identity-federated-credential-create] command to create the federated identity credential between the managed identity, the service account issuer, and the subject. Replace the values `resourceGroupName`, `userAssignedIdentityName`, `federatedIdentityName`, `serviceAccountNamespace`, and `serviceAccountName`.
109109

0 commit comments

Comments
 (0)