This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 68%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
Team,
Currently we are using AAD pod identity package to interact with azure key vault from kubernetes. Is there any other alternative available?
As discussed here, its releases happened once a month only i.e. in the first week. This package has vulnerabilities which are difficult to manage because our prisma security team is raising concerns.
Would be grateful if you can share some alternatives for the same. Thank you.
Kind Regards,
Tanul
Hello @Tanul ,
Thank you for reaching out to the Microsoft Q&A platform. Happy to answer your question.
I understand you are looking for an alternative of AAD Pod identity. As far as I know through this announcement, we are planning to replace AAD Pod Identity with open-source project called Azure Workload Identity. Going forward, we will no longer add new features to this project in favor of Azure Workload Identity. However, we will continue patching critical bugs and security vulnerabilities until further notice.
With this project, developers can use native Kubernetes concepts of service accounts and federation to access Azure AD protected resources, such as Azure and Microsoft Graph, without needing secrets.
Refer to doc for release cadence.
Hope this detail helps.
--please don't forget to upvote and accept as answer if the reply is helpful--
@Prrudram-MSFT , Oh ok. Thanks for sharing.. Will go through this at the earliest and start migrating to it.
@Prrudram-MSFT , Hey. Hope you’re doing great.
A small question l just read that this app does not support Managed identity. Do you have any tentative timelines for that. Because while migrating from AAD to azure workload identity it might be easier if managed identity support is available.
Hello @Tanul ,
I am checking internally about the supportability plans for Managed Identity under this context. I will keep you posted.
@Tanul ,
No tentative ETA as of now. The document will be updated as/when it is ready to be supported.
@Prrudram-MSFT , Thank you so much dear for the update. :)