Role-based access control
AKS is integrated with Azure active directory (https://azure.microsoft.com/en-ca/services/active-directory/) via OpenID connect tokens (https://kubernetes.io/docs/reference/access-authn-authz/authentication/#openid-connect-tokens). The Role-Based Access Control (RBAC) feature can only be enabled during cluster creation, so let's start over to create an RBAC-enabled cluster.
Before creating the cluster, we'll have to prepare two application registrations in the Azure active directory first. The first acts as a server for the users' group membership. The second is like a client that integrates with kubectl. Let's go to the Azure active registry service in the Azure portal first. Go to the Properties tab and record ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access