Description
Existing managed identities with federated identity credentials have scale limitations because a single user-assigned managed identity can't have more than 20 federated identity credentials. Large Kubernetes platform deployments might span more than 20 clusters (each cluster has a unique issuer) or have many <namespace, service-account> combinations that require mapping to the same UAMI, exhausting the FIC quota. Identity bindings allow us to scale managed identities in large clusters / multi clusters by abstracting the federated identity credentials.
While I appreciate it is a preview service, there is no way to scale identity bindings by creating them programmatically in cluster, so it would be ideal if ASO could provision identity bindings.
ARM Documentation: https://learn.microsoft.com/en-us/azure/templates/microsoft.containerservice/managedclusters/identitybindings?pivots=deployment-language-bicep