| Info |
|---|
The article explains how to provide access to AKS Cluster with enabled Active Directory(AD) integration for Cloudaware to discover AKS resources automatically. If your AKS cluster is not AD-managed, grant Cloudaware the permission Microsoft.ContainerService/managedClusters/listClusterUserCredential/readas described here. |
If Active Directory(AD) integration is enabled for AKS cluster, Azure allows access to AKS cluster resources (pods, nodes, etc) automatically using authorization via AD.
Set up the cluster role binding in AKS cluster for the Azure Application that has been added into Cloudaware.
...
Log in to Azure Portal → Microsoft Entra ID. Select the tab ‘Enterprise applications’'Enterprise applications'.
Select the application (in this example, cloudaware-api-access) → Overview. Copy and save the Object ID which is the unique ID of the service principal object associated with this application.
...
Please allow up to 24 hours for the AKS resources to be collected and displayed in Cloudaware CMDB.
List of AKS Cluster
...
objects
Cloudaware supports the following AKS cluster objects:
...