I created an AKS cluster with an authentication option (Azure AD authentication with Azure RBAC enabled). When I try to install the flux extension I receive an error:
The extension operation failed with the following error: Request failed to https://management.azure.com/subscriptions/***/resourceGroups/***/providers/Microsoft.ContainerService/managedclusters/***/extensionaddons/flux?api-version=2021-03-01. Error code: Unauthorized. Reason: Unauthorized.{"error":{"code":"InvalidAuthenticationToken","message":"The received access token is not valid: at least one of the claims 'puid' or 'altsecid' or 'oid' should be present. If you are accessing as application please make sure service principal is properly created in the tenant."}}.
The cluster has a custom managed identity assigned to the kubelet. Tried to configure it with a terraform or manually with az cli but same error. Me (az cli) and the sp (terraform) and kubelet managed identity have necessary roles: Contributor and Azure Kubernetes Service RBAC Cluster Admin.
What could be wrong, does the extension support installation on azure ad rbac enabled cluster?
