Enabling a Cloudera Data Engineering service with Azure Managed Identity using the CLI

Enable a Cloudera Data Engineering service with Azure Managed Identity using the CDP CLI to implement Workload Identity for secure logger credential access.

In Cloudera Data Engineering 1.25.2 on Azure, Workload Identity replaces the Azure AD Pod Identity (aad-pod-identity) component as the mechanism used to pull logger credentials.

You must configure the CDP CLI. For more information, see CLI client setup.

Enable the Cloudera Data Engineering service with Managed Identity by running the following command using the CDP CLI:
cdp de enable-service \
  --name [***SERVICE-NAME***] \
  --env [***ENVIRONMENT***] \
  --instance-type [***INSTANCE-TYPE***] \
  --minimum-instances [***VALUE***] \
  --maximum-instances [***VALUE***] \
  --azure-service-managed-identity [***CLUSTER-MANAGED-IDENTITY-RESOURCE-ID***] \
  --azure-virtual-cluster-managed-identities [***VC-MANAGED-IDENTITY-RESOURCE-ID***]

Example of the Managed Identity resource ID format:

/subscriptions/[***SUBSCRIPTION-ID***]/resourceGroups/[***RESOURCE-GROUP-NAME***]/providers/Microsoft.ManagedIdentity/userAssignedIdentities/[***IDENTITY-NAME***]
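
The following wrapper is an added example, not part of the Cloudera documentation. It checks that both identity arguments are fully qualified user-assigned managed identity resource IDs in the format shown above before it invokes the CLI. The names enable_service_checked and CDP_BIN are hypothetical, and the GUID and name character rules in the pattern are assumptions about Azure naming.

```shell
#!/bin/sh
# Added example: validate managed identity resource IDs before enabling the service.
# Assumptions: the subscription ID is a GUID and names use the character sets
# below; enable_service_checked and CDP_BIN are hypothetical names.

UAMI_RE='^/subscriptions/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}/resourceGroups/[A-Za-z0-9._()-]{1,90}/providers/Microsoft\.ManagedIdentity/userAssignedIdentities/[A-Za-z0-9][A-Za-z0-9_-]{2,127}$'

# Succeeds only if $1 is a single-line, fully qualified user-assigned identity ID.
is_uami_resource_id() {
    case "$1" in
        *'
'*) return 1 ;;   # reject embedded newlines, since grep matches per line
    esac
    printf '%s\n' "$1" | grep -Eqi "$UAMI_RE"
}

# Args: name env instance-type min max cluster-identity-id vc-identity-id
enable_service_checked() {
    [ "$#" -eq 7 ] || { echo "expected 7 arguments" >&2; return 2; }
    for _id in "$6" "$7"; do
        if ! is_uami_resource_id "$_id"; then
            printf 'not a managed identity resource ID: %s\n' "$_id" >&2
            return 2
        fi
    done
    "${CDP_BIN:-cdp}" de enable-service --name "$1" --env "$2" \
        --instance-type "$3" --minimum-instances "$4" --maximum-instances "$5" \
        --azure-service-managed-identity "$6" \
        --azure-virtual-cluster-managed-identities "$7"
}

# Constructed sample values (not real identities), checked without calling cdp.
SUB='/subscriptions/00000000-0000-0000-0000-000000000000'
for sample in \
    "$SUB/resourceGroups/example-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/example-cde-mi" \
    "$SUB/resourceGroups/example-rg/providers/Microsoft.Compute/virtualMachines/example-vm" \
    "example-cde-mi"
do
    if is_uami_resource_id "$sample"; then echo "OK     $sample"; else echo "REJECT $sample"; fi
done
```

A bare identity name, a resource ID of another provider type, or a value with trailing whitespace from copy and paste is rejected before any request reaches the control plane.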