When will Active Directory pod-managed identities became production ready?

Question

At this moment, this feature is only available as a preview https://learn.microsoft.com/en-us/azure/aks/use-azure-ad-pod-identity . I could not find when this feature was released (from some random Youtube videos around December 2020) nor when it will exit preview. Is there any roadmap for this feature? Some estimate for when it will be announced as a normal feature in AKS?

Is there any other way to limit the resources my pods have access to? I want each pod to only have access to the resources they need.

Answer 1

@vipullag-MSFT
i'm looking to deploy pod-based identities but there's still a recommendation against using v1:
https://learn.microsoft.com/en-us/azure/aks/use-azure-ad-pod-identity
"The feature described in this document, pod-managed identities (preview), will be replaced with pod-managed identities V2 (preview). If you have an existing installation of AADPODIDENTITY, you must remove the existing installation. Enabling this feature means that the MIC component isn't needed."

any updates on how i setup v2? suggestions for what we do in the meantime?

Answer 2

@Anonymous

I checked with internal team on this. The current implementation of pod-identity will not be GA. Team is working on pod-identity V2 which will go to preview around Q3 time frame. V2 will be based on OIDC Federation which is a simplified and already adopted identity standard by other cloud providers. V2 is what will be available for GA. The GA date for V2 will be announced based on preview availability.

Hope this helps.

Please 'Accept as answer' if the provided information is helpful, so that it can help others in the community looking for help on similar topics.