Good one. Question - Instead of using the SPN. We can also enable System Managed Identities on DevOps Agent VM and add the object id in the AKS AAD group right ?
hi, i want to ask.. how can i use command az aks get-credential in pipeline? if in my local, i can just use az login, and then i can use that command... but in pipeline its imposible if we login through az login..
You use the Azure CLI task with a service connection that has access to K8S. Then you can use az aks get-credential, potentially with --admin. If you want to use the AAD credentials of the Azure CLI task, check this blogpost -> blog.baeke.info/2021/06/03/a-quick-look-at-azure-kubelogin/
![Felix "Unfair" | [Stray Kids : SKZ-PLAYER]](http://i.ytimg.com/vi/Oswujxm2Ag0/mqdefault.jpg)
thanks, that's really helpful..👍
Excellent video Geert, waiting for other videos on Authorization and Admission Control
Good one. Question - Instead of using the SPN. We can also enable System Managed Identities on DevOps Agent VM and add the object id in the AKS AAD group right ?
Yes, that's supported. E.g. az login with the --identity parameter
Great content. I wish I had found it a couple of weeks ago… 👍
I am glad it was helpful!
@@GeertBaeke it was really helpful. Do you intend to pursue this topic further with the authz side?
Nice video as usual :)
hi, i want to ask..
how can i use command az aks get-credential in pipeline?
if in my local, i can just use az login, and then i can use that command...
but in pipeline its imposible if we login through az login..
You use the Azure CLI task with a service connection that has access to K8S. Then you can use az aks get-credential, potentially with --admin. If you want to use the AAD credentials of the Azure CLI task, check this blogpost -> blog.baeke.info/2021/06/03/a-quick-look-at-azure-kubelogin/