Reconcile federated identity credentials for your Azure Red Hat OpenShift cluster with managed identities enabled (preview)

In this article, learn how to reconcile federated identity credentials for OpenShift operator managed identities in your Azure Red Hat OpenShift clusters with managed / workload identity enabled.

Important

Currently, the Azure Red Hat OpenShift feature is being offered in preview only. Preview features are available on a self-service, opt-in basis. Previews are provided "as is" and "as available," and are excluded from the service-level agreements and limited warranty. Azure Red Hat OpenShift previews are partially covered by customer support on a best-effort basis. As such, these features aren't meant for production use.

Reconciling the federated identity credentials for the OpenShift operator managed identities can be needed if any OpenShift operators are unable to authenticate to Azure. This procedure ensures the federated identity credentials for each of the OpenShift operators exist, are configured correctly, and are correctly deployed into the in-cluster secrets so that the OpenShift operators can use them.

Prerequisites

This article assumes that the following conditions are met.

You have an existing Azure Red Hat OpenShift cluster with managed / workload identity enabled with the latest updates applied.
You have the minimum required Azure CLI version to reconcile federated identity credentials within an Azure Red Hat OpenShift cluster with managed / workload identity enabled is 2.67.0.
If you need to check the version of Azure CLI, run:
```
az --version
```
To install or upgrade the Azure CLI, follow Install Azure CLI.

Download Azure Red Hat OpenShift extension wheel file (Preview only)

To run the commands in this article, you need to download the extension wheel file from https://aka.ms/az-aroext-latest. To install the extension, run the following command:

az extension add -s <path to downloaded whl file>