Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-55041

Adding a new configuration to the azure-vm-agents-plugin that allows adding a User Assigned Identity to a VM

      Adding a new configuration to the azure-vm-agents-plugin that can be modified when a VM is deployed. 

      The new configuration should provide us the ability to add a User-Assigned-Managed-Identity to a VM (in azure portal it is under "settings" -> "Identity " -> "User assigned (Preview)") - a screenshot is attached.

      This is necessary because of the key vault's access policies limit of 16 access policies only. 

          [JENKINS-55041] Adding a new configuration to the azure-vm-agents-plugin that allows adding a User Assigned Identity to a VM

          Tom Ganor added a comment -

          Hi jieshe! Is there an estimated due date for this?

          Thanks!

          Tom Ganor added a comment - Hi jieshe ! Is there an estimated due date for this? Thanks!

          Jie Shen added a comment -

          Hi tomganor, I have just reviewed this feature. It seems that user-assigned managed identity is also not an option for VM creation. Portal now only support system managed identity when you create a VM. By the way, user-assigned managed identity is just in preview now, so I think it may not the right time for vm plugin to support this. I think for now you should use init scripts to use user-assigned managed identity.

          Jie Shen added a comment - Hi tomganor , I have just reviewed this feature. It seems that user-assigned managed identity is also not an option for VM creation. Portal now only support system managed identity when you create a VM. By the way, user-assigned managed identity is just in preview now, so I think it may not the right time for vm plugin to support this. I think for now you should use init scripts to use user-assigned managed identity.

          Tom Ganor added a comment -

          Hi jieshe, what do you mean by " Portal now only support system managed identity"?

          As for now, the ability to add a user-assigned managed identity to a VM does exist. Am I missing something?

          Tom Ganor added a comment - Hi jieshe , what do you mean by " Portal now only support system managed identity"? As for now, the ability to add a user-assigned managed identity to a VM does exist. Am I missing something?

          Jie Shen added a comment -

          Hi tomganor, you can add a user-assigned managed identity to an existing VM, but you cannot set that when you create a new one. It is a after provision step more than a provision one.

          Jie Shen added a comment - Hi tomganor , you can add a user-assigned managed identity to an existing VM, but you cannot set that when you create a new one. It is a after provision step more than a provision one.

          Tom Ganor added a comment -

          Hi jieshe, OK I will close this ticket and try and figure out a different solution. 

          Thanks for all of your help anyway.

          Tom Ganor added a comment - Hi jieshe , OK I will close this ticket and try and figure out a different solution.  Thanks for all of your help anyway.

            jieshe Jie Shen
            tomganor Tom Ganor
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: