openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity

OSDOCS-13114: Update short-term creds note for Entra postinstall

Browse Source
This commit is contained in:
Jeana Routh
2025-01-14 13:10:29 -05:00
committed by openshift-cherrypick-robot
parent 798e144fea
commit ae919ac61d
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
authentication/managing_cloud_provider_credentials/cco-short-term-creds.adoc
View File

@@ -10,7 +10,12 @@ During installation, you can configure the Cloud Credential Operator (CCO) to op
[NOTE]
====
This credentials strategy is supported for {aws-first}, {gcp-first}, and global {azure-full} only. The strategy must be configured during installation of a new {product-title} cluster. You cannot configure an existing cluster that uses a different credentials strategy to use this feature.
This credentials strategy is supported for {aws-first}, {gcp-first}, and global {azure-full} only.
For {aws-short} and {gcp-short} clusters, you must configure your cluster to use this strategy during installation of a new {product-title} cluster.
You cannot configure an existing {aws-short} or {gcp-short} cluster that uses a different credentials strategy to use this feature.
If you did not configure your {azure-short} cluster to use {entra-first} during installation, you can xref:../../post_installation_configuration/changing-cloud-credentials-configuration.adoc#post-install-enable-token-auth_changing-cloud-credentials-configuration[enable this authentication method on an existing cluster].
====
//todo: Should provide some more info about the benefits of this here as well. Note: Azure is not yet limited-priv, but still gets the benefit of not storing root creds on the cluster and some sort of time-based rotation