Legacy authentication for Container Insights
Container Insights defaults to managed identity authentication, which has a monitoring agent that uses the cluster's managed identity to send data to Azure Monitor. It replaced the legacy certificate-based local authentication and removed the requirement of adding a Monitoring Metrics Publisher role to the cluster.
This article describes how to migrate to managed identity authentication if you enabled Container insights using legacy authentication method and also how to enable legacy authentication if you have that requirement.
Migrate to managed identity authentication
If you enabled Container insights before managed identity authentication was available, you can use the following methods to migrate your clusters.
You can migrate to Managed Identity authentication from the Monitor settings panel for your AKS cluster. From the Monitoring section, click on the Insights tab. In the Insights tab, click on the Monitor Settings option and check the box for Use managed identity
If you don't see the Use managed identity option, you are using an SPN cluster. In that case, you must use command line tools to migrate. See other tabs for migration instructions and templates.
Timeline
Any new clusters being created or being onboarded now default to Managed Identity authentication. However, existing clusters with legacy solution-based authentication are still supported.
Next steps
If you experience issues when you upgrade the agent, review the troubleshooting guide for support.
Feedback
https://aka.ms/ContentUserFeedback.
Kommer snart: I hele 2024 udfaser vi GitHub-problemer som feedbackmekanisme for indhold og erstatter det med et nyt feedbacksystem. Du kan få flere oplysninger under:Indsend og få vist feedback om