K
Q

Disabling Azure Active Directory RBAC in Azure Kubernetes Service

1/2/2019

Is it possible to temporarily disable Azure Active Directory RBAC in Azure Kubernetes Service? The reason I ask is because we are unable to set up automated tasks (like continuous integration) because authenticating against kubectl now requires human intervention to complete device code auth - I have another post here regarding that. Perhaps even just disabling Kubernetes RBAC will bypass the need to authenticate with AD? I would do this until a solution to the issue is available.

-- Dave New
azure
azure-active-directory
azure-kubernetes

Similar Questions

Spring Cloud Kubernetes - Spring boot fails to start when config reload is enabled
how to solve EADDRINUSE in GKE container?
Trying to join worker node to master master status ready worker status not ready
Create custom helm charts
How to resolve scheduler and controller-manager unhealthy state in Kubernetes
AWS eks user gets error: You must be logged in to the server (Unauthorized)
Getting 504 errors on API calls after migration to Kubernetes with Ambassador

1 Answer

1/3/2019

Although there is no document exactly say that you cannot disable the RBAC of an existing AKS cluster. But it shows that enabling role-based access control (RBAC) on existing clusters isn't supported at this time. In my opinion, it also means that you cannot disable the RBAC on existing AKS cluster. And it seems there is no way to achieve it, no matter Azure CLI, PowerShell or REST API.

I think the RBAC is a setting for AKS cluster and it could not be changed after it created now. We can expect that it could be changed in the future. Hope this will help you.

-- Charles Xu
Source: StackOverflow