AKS roles and access

Niren Adhikary (NAD) 146 Reputation points
2022-10-18T17:21:03.183+00:00

Hello,

We want to deploy multiple application in AKS as a shared resource and so we want to separate each application with namespace.

How can we manage the access to different teams/users so that they only have access to the specific namespace and not to the entire AKS or does not allow other users to make any changes to other namespaces ?

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,935 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. JimmySalian-2011 41,966 Reputation points
    2022-10-18T17:46:21.287+00:00

    Hi @Niren Adhikary (NAD) ,

    Azure Kubernetes Service (AKS) can be configured to use Azure Active Directory (AD) for user authentication. In this configuration, you sign in to an AKS cluster using an Azure AD authentication token. Once authenticated, you can use the built-in Kubernetes role-based access control (Kubernetes RBAC) to manage access to namespaces and cluster resources based on a user's identity or group membership.

    There is definetely an option for this kind of scenario so explore the RBAC model and you can apply the namespace access to only specified users as per the requirements.
    manage-azure-rbac
    concepts-identity

    Hope this helps.

    ----
    Please don't forget to upvote and Accept as answer if the reply is helpful

    If this answer helped you please mark it as "Verified" so other users can reference it.