Hi Community.

I'm building IFS Cloud (23R1) behind a proxy.
In this environment, I would like to authenticate with Azure AD. What is the right configuration to communicate from the middle tier to Azure AD via proxy?

I think there is no problem with setting up the IAM Provider for IFS Cloud and setting up Azure AD(When I change the network settings to allow Middile Tier to communicate with Azure AD without going through a proxy, authentication with Azure AD succeeds.)

On the middle tier, /etc/environment contains environment variable settings for http_proxy, https_proxy, and no_proxy. However, I don't think this setting will affect the behavior of the pod.

Question 1:

I executed the following to set the environment variable to ifsapp-iam, and now I can authenticate with Azure AD.

  kubectl set env deployment ifsapp-iam -n <namespace> HTTP_PROXY=http://<proxy server>:<port> HTTPS_PROXY=http://<proxy server>:<port>

I think there is also communication within k8s, so I think we need to set the NO_PROXY environment variable as well, but what should I set in the NO_PROXY environment variable?

Is this the right way to do things in the first place?  I remember hearing something like that the definition of a Pod should not be edited.

Question 2:

Is Question 1 the right way to do it?  Is there any way to set it up other than changing the definition information of the Pod (Deployment)?  In other words, is there a way to set it from the main_config.json parameters, the parameters of ifscloud-values.yaml, or the IFS Cloud Web?

Best regards.