Skip to content

Commit c1182b7

Browse files
eromanova97eromanova97
authored
Merge pull request #96727 from eromanova97/manual-cp-95708-to-6.0
[standalone-logging-docs-6.0] OBSDOCS-2061: fix 'logging-identity-federation.adoc' and remove duplicate
2 parents 1debdc5 + 191051b commit c1182b7

File tree

2 files changed

+15
-70
lines changed

2 files changed

+15
-70
lines changed

modules/identity-federation.adoc

Lines changed: 0 additions & 59 deletions
This file was deleted.

modules/logging-identity-federation.adoc

Lines changed: 15 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -4,19 +4,23 @@
44

55
:_mod-docs-content-type: PROCEDURE
66
[id="logging-identity-federation_{context}"]
7-
= Workload identity federation
8-
Workload identity federation enables authentication to cloud-based log stores using short-lived tokens.
7+
= Authenticating with workload identity federation to access cloud-based log stores
8+
9+
You can use workload identity federation with short-lived tokens to authenticate to cloud-based log stores. With workload identity federation, you do not have to store long-lived credentials in your cluster, which reduces the risk of credential leaks and simplifies secret management.
910

1011
.Prerequisites
11-
* {ocp-product-title} 4.14 and later
12-
* {logging-uc} 5.9 and later
12+
13+
* You have administrator permissions.
1314
1415
.Procedure
15-
* If you use the {ocp-product-title} web console to install the {loki-op}, clusters that use short-lived tokens are automatically detected. You are prompted to create roles and supply the data required for the {loki-op} to create a `CredentialsRequest` object, which populates a secret.
1616

17-
* If you use the {oc-first} to install the {loki-op}, you must manually create a subscription object using the appropriate template for your storage provider, as shown in the following examples. This authentication strategy is only supported for the storage providers indicated.
17+
* Use one of the following options to enable authentication:
1818
19-
.Azure sample subscription
19+
** If you used the {ocp-product-title} web console to install the {loki-op}, the system automatically detects clusters that use short-lived tokens. You are prompted to create roles and supply the data required for the {loki-op} to create a `CredentialsRequest` object, which populates a secret.
20+
21+
** If you used the {oc-first} to install the {loki-op}, you must manually create a `Subscription` object. Use the appropriate template for your storage provider, as shown in the following samples. This authentication strategy supports only the storage providers indicated within the samples.
22+
+
23+
.{azure-first} sample subscription
2024
[source,yaml]
2125
----
2226
apiVersion: operators.coreos.com/v1alpha1
@@ -25,7 +29,7 @@ metadata:
2529
name: loki-operator
2630
namespace: openshift-operators-redhat
2731
spec:
28-
channel: "stable-5.9"
32+
channel: "stable-6.0"
2933
installPlanApproval: Manual
3034
name: loki-operator
3135
source: redhat-operators
@@ -41,8 +45,8 @@ spec:
4145
- name: REGION
4246
value: <your_region>
4347
----
44-
45-
.AWS sample subscription
48+
+
49+
.{aws-first} sample subscription
4650
[source,yaml]
4751
----
4852
apiVersion: operators.coreos.com/v1alpha1
@@ -51,7 +55,7 @@ metadata:
5155
name: loki-operator
5256
namespace: openshift-operators-redhat
5357
spec:
54-
channel: "stable-5.9"
58+
channel: "stable-6.0"
5559
installPlanApproval: Manual
5660
name: loki-operator
5761
source: redhat-operators

0 commit comments

Comments
 (0)