Differences between revisions 1 and 2

k8s/AzureAKS

Links https://docs.microsoft.com/en-us/azure/aks/kubernetes-service-principal?tabs=azure-cli
SP - Service principal - used by the k8s cluster
- NOTE: $/!\$ only valid for 1 year - rotate credentials
  - Saved on azure node(vm) at /etc/kubernetes/azure.json
  - If created with az aks create, saved on laptop at ~/.azure/aksServicePrincipal.json
  - got to delete SP, on cluster deletion, not done for you. query for your clusters servicePrincipalProfile.clientId and then delete it using the az ad sp delete
- Give it roles/access e.g.
  - Access to Azure Container registry to pull images
  - Access storage in different RG
  - Access IP in different RG

-  ⇤ ← Revision 1 as of 2022-08-14 05:52:34 → 
  Size: 18
  Editor: PieterSmit
  Comment:
+   ← Revision 2 as of 2022-08-14 06:05:33 → ⇥
  Size: 721
  Editor: PieterSmit
  Comment:
-Deletions are marked like this.
+Additions are marked like this.
 Line 2:
+ * Links [[https://docs.microsoft.com/en-us/azure/aks/kubernetes-service-principal?tabs=azure-cli]]

 * SP - Service principal - used by the k8s cluster
   * NOTE: /!\ only valid for 1 year - rotate credentials
     * Saved on azure node(vm) at /etc/kubernetes/azure.json
     * If created with az aks create, saved on laptop at  ~/.azure/aksServicePrincipal.json
     * got to delete SP, on cluster deletion, not done for you. query for your clusters servicePrincipalProfile.clientId and then delete it using the az ad sp delete 

   * Give it roles/access e.g.
     * Access to Azure Container registry to pull images
     * Access storage in different RG
     * Access IP in different RG