akhan asked singhh-msft commented

How to look up AKS managed AAD user ID

We are switching our current project from legacy to using AKS Managed AAD in Terraform. Our code uses the legacy AKS service principal ID/Secret to set up some config. I am now wondering, since we don't have to create an SP and it is managed as part of AKS AAD, is it possible for me to look up the AKS-Managed AAD user ID?
Thanks

azure-active-directory azure-kubernetes-service

@akhan, thank you for reaching out to us. Happy to help. I suppose that you are asking about fetching the principal ID; if not, please let me know. Use the following command to query the object ID of your control plane managed identity:

 az aks show -g myResourceGroup -n myManagedCluster --query "identity"

The result should look like:

 {
   "principalId": "<object_id>",
   "tenantId": "<tenant_id>",
   "type": "SystemAssigned"
 }

Finally, get credentials to access the cluster:

 az aks get-credentials --resource-group myResourceGroup --name myManagedCluster

I recommend that you check out Create an AKS cluster with managed identities for more information.

Let me know if this answers your question.




0 Votes 0 ·
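
The lookup from the comment above as a small script, an added example that is not part of the original thread: it reads the JSON from `az aks show -g myResourceGroup -n myManagedCluster -o json` on stdin and returns the control plane identity's principal ID(s), or reports that the cluster still runs on a service principal. The `userAssignedIdentities` map, the `servicePrincipalProfile.clientId` field (with `msi` as its value on managed-identity clusters) and the function name are assumptions about the full output that the thread does not show; all sample values are constructed placeholders.

```python
import json
import sys

# Constructed samples in the shape of `az aks show -o json` (trimmed; IDs are placeholders).
SAMPLE_SYSTEM = {
    "identity": {"principalId": "<object_id>", "tenantId": "<tenant_id>",
                 "type": "SystemAssigned"},
    "servicePrincipalProfile": {"clientId": "msi"},
}
SAMPLE_USER = {
    "identity": {"principalId": None, "tenantId": None, "type": "UserAssigned",
                 "userAssignedIdentities": {
                     "<identity_resource_id>": {"clientId": "<client_id>",
                                                "principalId": "<uai_object_id>"}}},
    "servicePrincipalProfile": {"clientId": "msi"},
}
SAMPLE_LEGACY = {
    "identity": None,
    "servicePrincipalProfile": {"clientId": "<sp_app_id>"},
}


def control_plane_identity(cluster: dict) -> dict:
    """Classify the cluster's control plane identity and collect its object IDs."""
    identity = cluster.get("identity")
    if not identity or identity.get("type") in (None, "None"):
        # No managed identity block: the cluster still uses a service principal,
        # so there is no principalId to grant roles to; report the SP app ID instead.
        sp = cluster.get("servicePrincipalProfile") or {}
        return {"kind": "ServicePrincipal", "principal_ids": [],
                "sp_client_id": sp.get("clientId")}

    principal_ids = []
    # System-assigned identity: the object ID sits directly on the identity block.
    if identity.get("principalId"):
        principal_ids.append(identity["principalId"])
    # User-assigned identity: top-level principalId is null; IDs are per identity.
    for entry in (identity.get("userAssignedIdentities") or {}).values():
        if entry.get("principalId"):
            principal_ids.append(entry["principalId"])
    return {"kind": identity["type"], "principal_ids": principal_ids,
            "sp_client_id": None}


if __name__ == "__main__":
    # Usage: az aks show -g myResourceGroup -n myManagedCluster -o json | python this_file.py
    print(json.dumps(control_plane_identity(json.load(sys.stdin)), indent=2))
```
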

@akhan, also, do check out AKS-managed Azure Active Directory integration.

Let me know if these answer your query.

0 Votes 0 ·

@akhan, just checking in to see if you got a chance to look at my comments.

0 Votes 0 ·

0 Answers