Skip to main content


Showing posts from November, 2020

AKS-managed Azure AD : How to integrate your AKS cluster with Azure AD

AKS is evolving at a dizzying pace and there have been quite  a number of changes since I wrote about AKS namespace isolation and AAD integration . The major update is in terms of creating and Azure AD integrated AKS cluster. You no longer need to create and manage the server and client application, it is handled by the AKS resource provider.  There are few limitations with this approach though before you get started   - You cannot disable the AKS-managed Azure AD integration once it is enabled   - Process is supported only for RBAC enabled clusters   - Azure AD tenant once integrated cannot be switched to a different one Lets start with creating an Azure AD group. You can also use an existing one if you want to. Note that creating an Azure AD group would need Global administrator rights I am executing these steps from Azure cloud shell , where all the required tools like Azure CLI and Kubectl are preinstalled 1. Create the Azure AD group for your cluster administrators. Note down the