Some days ago Azure published a description on how to create an AKS cluster with RBAC and AAD. I already have an AKS. How can I add an existing AKS to AAD?
Asked
Active
Viewed 561 times
1
-
1Could you elaborate more on what you are hoping to achieve? – Win Jun 21 '18 at 13:22
2 Answers
2
If I go to https://resources.azure.com and check my AKS cluster created with Azure Active Directory (AAD) RBAC, I can see these properties related to such integration:
"enableRBAC": true
and
"aadProfile": {
"clientAppID": "7ee598bb-0000-0000-0000-83692e2d717e",
"serverAppID": "7ee598bb-0000-0000-0000-83692e2d717e",
"tenantID": "72f988bf-0000-0000-0000-2d7cd011db47"
}
If I then go to https://resources.azure.com and try to change the property enableRBAC to true in another AKS cluster I have that was not created with AAD integration I get this error:
{ "code": "InternalOperationError", "message": "An error has occurred in subscription 12a6d3bd-xxxx-xxxx-accf-0c984bed2311, resourceGroup: aks request: existing ManagedCluster has properties.enableRBAC false. update to true is not supported." }
So it looks like currently is not possible to add AAD support to an existing cluster - you will need to re create the cluster with AAD support.
andresm53
- 1,913
- 6
- 15
1
You can't.
Because to do this update on the cluster you would need access to the master nodes, which by definition you don't have in AKS.
Bruno Medina
- 681
- 6
- 22