fsGroupPolicy feature is supported from Kubernetes 1.20, default CSI driver installation does not have this feature, follow below steps to enable this feature. Please note that blobfuse does not support fsGroupPolicy yet, only NFS protocol supports fsGroup.
Option#1: Enable fsGroupPolicy support in driver helm installation
add --set feature.fsGroupPolicy=File
in helm installation command.
kubectl delete CSIDriver blob.csi.azure.com
cat <<EOF | kubectl create -f -
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
name: blob.csi.azure.com
spec:
attachRequired: false
podInfoOnMount: true
fsGroupPolicy: File
volumeLifecycleModes:
- Persistent
- Ephemeral
EOF