Trusted cluster setup
This chapter focuses on setting up and configuring the trusted cluster. In this setup, we will first act as the operational security persona who installs and configures Trustee, and then as the application developer who stores their own secrets in Trustee. For each configuration, we will explain its purpose and the rationale behind it.
Log in to the environment
Make sure you log in with the right service principal:
# Read the Azure service principal credentials from the cluster secret
AZ_CID=$(oc get secrets/azure-credentials -n kube-system -o json | jq -r .data.azure_client_id | base64 -d)
AZ_CS=$(oc get secrets/azure-credentials -n kube-system -o json | jq -r .data.azure_client_secret | base64 -d)
AZ_TID=$(oc get secrets/azure-credentials -n kube-system -o json | jq -r .data.azure_tenant_id | base64 -d)
# Print the values to check they were read (this shows the client secret in the terminal)
echo "azure_client_id $AZ_CID"
echo "azure_client_secret $AZ_CS"
echo "azure_tenant_id $AZ_TID"
# Log in to Azure as that service principal
az login --service-principal -u "$AZ_CID" -p "$AZ_CS" --tenant "$AZ_TID"