Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE]: Create spn secret if it does not exist #892

Open
1 task done
Tracked by #1485
nkvuong opened this issue Feb 5, 2024 · 3 comments
Open
1 task done
Tracked by #1485

[FEATURE]: Create spn secret if it does not exist #892

nkvuong opened this issue Feb 5, 2024 · 3 comments
Labels
cloud/azure issues related to Azure migrate/access-control Access Control to things tech debt chores and design flaws

Comments

@nkvuong
Copy link
Contributor

nkvuong commented Feb 5, 2024
edited by nfx
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Problem statement

When migrating Azure SPNs to UC storage credentials, SPNs without client secrets are not migrated

Related issues:

Proposed Solution

Attempt to create a short-lived secret for SPNs without client secrets. Log any that errors

Relevant issue: #339

Additional Context

No response
@nkvuong nkvuong added this to UCX Feb 5, 2024
@github-project-automation github-project-automation bot moved this to Triage in UCX Feb 5, 2024
@nfx nfx added credentials cloud/azure issues related to Azure and removed needs-triage labels Feb 5, 2024
@nfx nfx mentioned this issue Feb 7, 2024
Closed
@nfx
Copy link
Collaborator

nfx commented Feb 9, 2024

@nkvuong shouldn't we just create Managed Identity with access connector instead?

@qziyuan
Copy link
Contributor

qziyuan commented Apr 9, 2024

Agree, we should create access connector in this case.

@nfx nfx moved this from Triage to Refined in UCX Apr 10, 2024
@nfx nfx added migrate/access-control Access Control to things tech debt chores and design flaws and removed credentials enhancement New feature or request labels Apr 22, 2024
@nfx nfx mentioned this issue Apr 22, 2024
Open
10 tasks
@mohanab-db mohanab-db mentioned this issue May 24, 2024
Closed
11 tasks
@JCZuurmond
Copy link
Member

@nfx : I think we can close this issue and resolve it as follows:

Create a small (0.1 pw) new issue to warn users if we find SP without secrets to:

  1. Rerun SP migration and chose to use access connectors instead
  2. Add SP secrets in a place where ucx can find them.

See discussion in #1770

@nfx nfx moved this from Refined to Quarter Backlog in UCX Jul 17, 2024
@JCZuurmond JCZuurmond mentioned this issue Jan 23, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
cloud/azure issues related to Azure migrate/access-control Access Control to things tech debt chores and design flaws
Projects
UCX
Status: No status
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Changes to create access connector if secret is not found for spn databrickslabs/ucx
5 participants
@nfx @JCZuurmond @gueniai @nkvuong @qziyuan