Reply
Highlighted
Contributor
Posts: 59
Registered: ‎10-02-2017

Cloudera Director: Enable managed identity for Azure instances during cluster bootstrap

[ Edited ]

My team deploys / manages client clusters in AWS using Cloudera Director 2.8.  We are testing deployments on Azure and have a need for Azure's equivalent to AWS IAM roles, called managed identities.  For AWS deployments, we can define iamProfileName in the director bootstrap file so that all instances are associated with a specific IAM role during creation.  It would make sense if we could define something similar for Azure instances.  Is this available?

Contributor
Posts: 59
Registered: ‎10-02-2017

Re: Cloudera Director: Enable managed identity for Azure instances during cluster bootstrap

I can see references to MSI in the Cloudera Director Azure plugin code on GitHub, but no references to it's usage in the Azure reference bootstrap file examples.  Is it supported yet?

 

USER_ASSIGNED_MSI_RESOURCE_GROUP(new SimpleConfigurationPropertyBuilder()
      .configKey("userAssignedMsiResourceGroup")
      .name("The User Assigned MSI Resource Group")
      .defaultDescription("The Resource Group that holds the specified User Assigned Managed Service Identity. " +
          "If this and the User Assigned MSI Name field is left blank no MSI will be assigned to the VM.")
      .widget(ConfigurationProperty.Widget.TEXT)
      .required(false)
      .hidden(true)
      .build()),

  USER_ASSIGNED_MSI_NAME(new SimpleConfigurationPropertyBuilder()
      .configKey("userAssignedMsiName")
      .name("The User Assigned MSI Name")
      .defaultDescription("The User Assigned Managed Service Identity Name. If this and the User Assigned MSI " +
          "Resource Group field is left blank no MSI will be assigned to the VM.")
      .widget(ConfigurationProperty.Widget.TEXT)
      .required(false)
      .hidden(true)
      .build()),

  USE_IMPLICIT_MSI(new SimpleConfigurationPropertyBuilder()
      .configKey("useImplicitMsi")
      .name("Use Implicit MSI")
      .addValidValues(
          "Yes",
          "No")
      .defaultValue("No")
      .defaultDescription("Whether to use Implicit MSI on the VM.")
      .widget(ConfigurationProperty.Widget.LIST)
      .required(false)
      .hidden(true)
      .build()),

  IMPLICIT_MSI_AAD_GROUP_NAME(new SimpleConfigurationPropertyBuilder()
      .configKey("implicitMsiAadGroupName")
      .name("Name of AAD group for implicit MSI to join.")
      .defaultDescription("The name of the AAD group for implicit MSI to join.")
      .widget(ConfigurationProperty.Widget.TEXT)
      .required(false)
      .hidden(true)
      .build()),
Announcements