<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 09:08:45 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[MONGOCRYPT-473] Recognize Azure Automatic KMS Requests</title>
                <link>https://jira.mongodb.org/browse/MONGOCRYPT-473</link>
                <project id="17481" key="MONGOCRYPT">Libmongocrypt</project>
                    <description>&lt;div class=&quot;panel&quot; style=&quot;background-color: #fafbfc;border-width: 1px;&quot;&gt;&lt;div class=&quot;panelContent&quot; style=&quot;background-color: #fafbfc;&quot;&gt;
&lt;h3&gt;&lt;a name=&quot;Summary&quot;&gt;&lt;/a&gt;&lt;b&gt;Summary&lt;/b&gt;&lt;/h3&gt;

&lt;p&gt;&lt;em&gt;A new special form of &lt;tt&gt;kmsProviders.azure&lt;/tt&gt; can be used to indicate a request for automatic credentials based on a VM&apos;s managed identity.&lt;/em&gt;&lt;/p&gt;
&lt;h3&gt;&lt;a name=&quot;Motivation&quot;&gt;&lt;/a&gt;&lt;b&gt;Motivation&lt;/b&gt;&lt;/h3&gt;
&lt;h4&gt;&lt;a name=&quot;Whoistheaffectedenduser%3F&quot;&gt;&lt;/a&gt;Who is the affected end user?&lt;/h4&gt;

&lt;p&gt;&lt;em&gt;libmongocrypt consumers&lt;/em&gt;&lt;/p&gt;
&lt;h4&gt;&lt;a name=&quot;Howdoesthisaffecttheenduser%3F&quot;&gt;&lt;/a&gt;How does this affect the end user?&lt;/h4&gt;

&lt;p&gt;&lt;em&gt;Support for disambiguating between a VM with multiple managed identities requires that parameters be given to the automatic KMS credentials request.&lt;/em&gt;&lt;/p&gt;
&lt;h4&gt;&lt;a name=&quot;Howlikelyisitthatthisproblemorusecasewilloccur%3F&quot;&gt;&lt;/a&gt;How likely is it that this problem or use case will occur?&lt;/h4&gt;

&lt;p&gt;&lt;em&gt;Only Azure users that use multiple assigned managed identities on an Azure VM will need to disambiguate the KMS request. By default, a VM only has a single unambiguous managed identity.&lt;/em&gt;&lt;/p&gt;
&lt;h4&gt;&lt;a name=&quot;Iftheproblemdoesoccur%2Cwhataretheconsequencesandhowseverearethey%3F&quot;&gt;&lt;/a&gt;If the problem does occur, what are the consequences and how severe are they?&lt;/h4&gt;

&lt;p&gt;&lt;em&gt;The disambiguation parameters are requires by the Azure metadata server if the VM has more than one managed identity. If these are omitted, the &lt;tt&gt;accessToken&lt;/tt&gt; will fail to generate and automatic KMS credentials will fail.&lt;/em&gt;&lt;/p&gt;
&lt;h4&gt;&lt;a name=&quot;Isthisissueurgent%3F&quot;&gt;&lt;/a&gt;Is this issue urgent?&lt;/h4&gt;

&lt;p&gt;&lt;em&gt;TBD&lt;/em&gt;&lt;/p&gt;
&lt;h4&gt;&lt;a name=&quot;Isthisticketrequiredbyadownstreamteam%3F&quot;&gt;&lt;/a&gt;Is this ticket required by a downstream team?&lt;/h4&gt;

&lt;p&gt;&lt;em&gt;No&lt;/em&gt;&lt;/p&gt;
&lt;h4&gt;&lt;a name=&quot;Isthisticketonlyfortests%3F&quot;&gt;&lt;/a&gt;Is this ticket only for tests?&lt;/h4&gt;

&lt;p&gt;&lt;em&gt;No&lt;/em&gt;&lt;/p&gt;
&lt;/div&gt;&lt;/div&gt;</description>
                <environment></environment>
        <key id="2116428">MONGOCRYPT-473</key>
            <summary>Recognize Azure Automatic KMS Requests</summary>
                <type id="3" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14718&amp;avatarType=issuetype">Task</type>
                                            <priority id="10300" iconUrl="https://jira.mongodb.org/images/icons/priorities/medium.svg">Unknown</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="colby.pike@mongodb.com">Colby Pike</assignee>
                                    <reporter username="colby.pike@mongodb.com">Colby Pike</reporter>
                        <labels>
                    </labels>
                <created>Wed, 17 Aug 2022 20:48:48 +0000</created>
                <updated>Thu, 15 Sep 2022 17:36:51 +0000</updated>
                            <resolved>Tue, 30 Aug 2022 23:17:41 +0000</resolved>
                                                    <fixVersion>1.6.0</fixVersion>
                                                        <votes>0</votes>
                                    <watches>1</watches>
                                                                                                                <comments>
                            <comment id="4786881" author="xgen-internal-githook" created="Tue, 30 Aug 2022 07:36:34 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;vector-of-bool&apos;, &apos;email&apos;: &apos;vectorofbool@gmail.com&apos;, &apos;username&apos;: &apos;vector-of-bool&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/MONGOCRYPT-473&quot; title=&quot;Recognize Azure Automatic KMS Requests&quot; class=&quot;issue-link&quot; data-issue-key=&quot;MONGOCRYPT-473&quot;&gt;&lt;del&gt;MONGOCRYPT-473&lt;/del&gt;&lt;/a&gt; Support &quot;accessToken&quot; as an Azure KMS option (#451)&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;Support &quot;accessToken&quot; as an Azure KMS option&lt;/li&gt;
	&lt;li&gt;Test case to parse azure.accessToken&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/libmongocrypt/commit/cb3fd4601139a8c9e116a4d5680b55dddddd8a20&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/libmongocrypt/commit/cb3fd4601139a8c9e116a4d5680b55dddddd8a20&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;
</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="2131710">NODE-4619</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="2111178">DRIVERS-2411</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                <customfield id="customfield_21957" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Binding Changes</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="22966"><![CDATA[Not Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|i0pjb4:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                </customfields>
    </item>
</channel>
</rss>