You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
e2e test with rbac authorization instead of access policies on keyvault (Azure#4755)
* e2e test with rbac authorization instead of access policies on keyvault
* assign the Key Vault Crypto Service Encryption User role to the disk encryption set MSI
Co-authored-by: kimorris27 <kimorris@redhat.com>
Copy file name to clipboardExpand all lines: pkg/deploy/assets/cluster-development-predeploy.json
+15-26Lines changed: 15 additions & 26 deletions
Original file line number
Diff line number
Diff line change
@@ -96,12 +96,26 @@
96
96
},
97
97
"accessPolicies": [],
98
98
"enabledForDiskEncryption": true,
99
-
"enableRbacAuthorization": false,
99
+
"enableRbacAuthorization": true,
100
100
"enablePurgeProtection": true
101
101
},
102
102
"condition": "[parameters('ci')]",
103
103
"apiVersion": "2019-09-01"
104
104
},
105
+
{
106
+
"name": "[concat(parameters('kvName'), '/Microsoft.Authorization/', guid('crypto service encryption user role on disk encryption set keyvault', resourceGroup().id, subscription().subscriptionId))]",
Name: pointerutils.ToPtr("[concat(parameters('kvName'), '/Microsoft.Authorization/', guid('crypto service encryption user role on disk encryption set keyvault', resourceGroup().id, subscription().subscriptionId))]"),
0 commit comments