Skip to content

Issue #246 - Keyvault PrivateEndpoint

Arturo Hernandez [EPAM] requested to merge 246-ah/kv-privatelinks into master

All Submissions:


  • [YES] Have you added an explanation of what your changes do and why you'd like us to include them?
  • [YES] I have updated the documentation accordingly.
  • [YES] My code follows the code style of this project.

Current Behavior or Linked Issues


This is related to #246 (closed), basically, will use private endpoints for keyvault resources.

Variable backend_access, can be either enabled or disabled to allow public access, by default backend access it is enabled, some customers are using azure devops pipelines to maintain their code, and these pipelines require access to some backend resources, nevertheless, there is option to not allow access to the backend resources, and just have access through private endpoints.

Does this introduce a breaking change?


  • [NO]
  • This change should be transparent to the client if backend access it is enabled, we noticed just few random errors in some pods about resolution, however those can be easily workarounded by restarting pods.
  • If the backend access it is disabled, you will need to restart pods to be able to properly resolve to the new private endpoint ip address and retrieve secrets again for the CSI provider as well as the app keyvault retrieval.

Other information


Related to #246 (closed) (for keyvault accesses)

Merge request reports