I'm experimenting with AKS and Azure CLI. So my first idea was use Azure CLI commands to setup an AKS cluster, what went pretty well. The next step is to bundle all those different commands into a single bash script. By using variables int the script I was hoping to make my life easier and at the beginning it did. This was until I reached the az aks create command, where I'm trying to pass the --client-secret $AKS_SP_SECRET and the --service-principal $AKS_SP_APP_ID. Those 2 variables are set by 2 previous Azure CLI commands (see script)
This always results in an error telling me that an "Invalid client secret is provided". I have already checked the value of the variables by doing an echo of the $AKS_SP_SECRET variable, who contained a password value.
This is the script that I'm trying to run at the moment and that always results in an error telling me that the provided client secret is invalid.
#!/bin/bash
LOCATION="westeurope"
RESOURCEGROUP_NAME="MyResourcegroup"
AKS_NAME="MyCluster"
AKS_SP_NAME='AksServicePrincipal'
# Create a service principal
az ad sp create-for-rbac \
--name http://$AKS_SP_NAME \
--skip-assignment
# Retrieve Service principal APPID and Client Secret
AKS_SP_APP_ID=$(az ad app list --display-name $AKS_SP_NAME --query "[].appId" -o tsv)
AKS_SP_SECRET=$(az ad sp credential reset --name http://$AKS_SP_NAME --query "password" -o tsv)
# Create Azure Kubernetes Cluster
az aks create --resource-group $RESOURCEGROUP_NAME \
--name $AKS_NAME \
--client-secret $AKS_SP_SECRET \
--service-principal $AKS_SP_APP_ID \
--generate-ssh-keys \
--location $LOCATION \
--kubernetes-version 1.13.11 \
If I split the above script in 2 different scripts and I set the value of the AKS_SP_SECRET variable in the second script like this AKS_SP_PASSWORD=99173ccb-5f2a-4eab-b367-3257fd9627ac then I don't get an error and everything works as expected.
Does anyone see what I'm doing wrong? And is it possible to pass the secret through a variable in a bash script?
Kind regards.
