You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In our on-premise setup with vanilla Kubernetes, we have implemented IAM Roles for Service Accounts (IRSA) to establish connectivity between our on-premise environment and AWS. While Velero and the Velero plugin for AWS support IRSA, it seems that the datamgr-for-vsphere-plugin does not currently provide IRSA support. Instead, the plugin expects the cloud-credential file to be consistently available and mounted.
Describe the solution you'd like
Enhance functionality of the datamgr-for-vsphere-plugin to include support for IRSA, similar to the implementation demonstrated in the AWS plugin. You can refer to the specific code section in the AWS plugin repository that showcases this functionality:
By incorporating IRSA support into the datamgr-for-vsphere-plugin, our aim is to enable seamless integration and utilise the security benefits provided by IRSA for our on-premise Kubernetes environment.
Anything else you would like to add:
In the absence of a code change that directly incorporates IRSA support, we can explore potential workarounds to use IRSA until the feature is officially added.
Describe the problem/challenge you have
In our on-premise setup with vanilla Kubernetes, we have implemented IAM Roles for Service Accounts (IRSA) to establish connectivity between our on-premise environment and AWS. While Velero and the Velero plugin for AWS support IRSA, it seems that the datamgr-for-vsphere-plugin does not currently provide IRSA support. Instead, the plugin expects the cloud-credential file to be consistently available and mounted.
Describe the solution you'd like
Enhance functionality of the datamgr-for-vsphere-plugin to include support for IRSA, similar to the implementation demonstrated in the AWS plugin. You can refer to the specific code section in the AWS plugin repository that showcases this functionality:
velero-plugin-for-aws/object_store.go#L290-L302
By incorporating IRSA support into the datamgr-for-vsphere-plugin, our aim is to enable seamless integration and utilise the security benefits provided by IRSA for our on-premise Kubernetes environment.
Anything else you would like to add:
In the absence of a code change that directly incorporates IRSA support, we can explore potential workarounds to use IRSA until the feature is officially added.
Environment:
velero 1.11
velero-plugin-for aws v1.7.0
velero-plugin-for-vsphere v1.5.1
kube v1.26.2
The text was updated successfully, but these errors were encountered: