How can we improve the Azure Kubernetes Service (AKS)?

Support non-interactive login for AAD-integrated clusters

Currently if your cluster is integrated with AAD, any kubectl command will prompt you for an interactive login, even after logging in via Azure CLI and obtaining Kubectl credentials using 'az aks get-credentials'.

This won't work for anything using automation (e.g. a CI server such as Jenkins).

Ideally one could log in using a service principal who is then mapped to roles using RBAC. Once you are logged in via the Azure CLI, you could obtain the credentials and execute Kubectl commands as normal.

Original issue here: https://github.com/Azure/AKS/issues/556

A similar issue was raised here, but I would like to be able to do this without having to distribute credentials: https://github.com/Azure/AKS/issues/600

119 votes
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)

We’ll send you updates on this idea

Tim Webster shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

5 comments

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...

Feedback and Knowledge Base