...
This information mentioned in this section is also applicable for wizard-based deployments.
If you wants want to use existing Kubernetes
...
To configure as a dedicated cluster
Assign Azure Kubernetes Service RBAC Cluster Admin to kyvos MI on AKS.
Assign Virtual Machine Contributor on managed resource group to Kyvos MI.
Storage Blob Data Contributor to AKS Managed Identity on bucket.
To configure as a shared Cluster:
Either namespace should be already created or provide Azure Kubernetes Service RBAC Cluster Admin permission to kyvos MI on AKS.
Download kyvos-compute-worker-disk-class.yaml file and execute the kubectl apply –f kyvos-compute-worker-disk-class.yaml command from the user/MI which has Admin privileges on AKS cluster. This is to create storage class. If required, you can update the tags in the file by passing comma-separated values.
If namespace is already created, then Kyvos Managed Identity must have Azure Kubernetes Service RBAC Admin on namespace and Azure Kubernetes Service Cluster User Role on AKS.
Assign Reader on managed resource group to Kyvos MIManaged Identity.
Storage Blob Data Contributor to AKS MI Managed Identity on bucket.
If Authentication and Authorization is set to Local Accounts with Kubernetes RBAC (AAD is disabled)
...