0

I need to add RBAC to my AKS, but when I go to Azure portal it says that it's a creation operation and that it's not possible to update it afterwards.

Do I need to tear down the whole cluster and create a new one with RBAC enabled to make use of this feature?

It's an ongoing project in production, so for me it's not as simple as running terraform destroy and terraform apply unfortunately.

How would you suggest to do it, to make sure of minimum impact on availability and to have everything set up the same way as the previous cluster?

Domenico
  • 1

1 Answers1

1

I tried to reproduce the same in my environment I got the results successfully like below:

It is possible to add RBAC enabled After creating a Kubernetes cluster:

In your Kubernetes cluster -> under setting, cluster configuration -> choose azure authentication with azure RBAC and save like below:

enter image description here

Then, make use of below cmd to add Azure RBAC for Kubernetes Authorization into an existing AKS cluster,

az aks update -g myResourceGroup -n myAKSCluster --enable-azure-rbac

enter image description here

Reference:

Manage Azure RBAC in Kubernetes From Azure - Azure Kubernetes Service | Microsoft Learn

Imran
  • 3,875
  • 2
  • 3
  • 12
  • That's the problem I'm having, for me it's disabled: (cannot post picture here unfortunately, but the select box is disabled and underneath I have this message) This cluster does not have RBAC enabled. Enabling RBAC is a create time only action and you'll need to redeploy a new cluster with RBAC to have access to both native Kubernetes RBAC and Azure RBAC.Learn more – Domenico Jan 09 '23 at 13:13
  • Then you can redeploy new cluster with RBAC to access it – Imran Jan 09 '23 at 14:08