How to use external identity providers to authenticate to Azure
How to use external identity providers to authenticate to an Azure Kubernetes cluster.
For a GKE cluster I follow this link: https://cloud.google.com/kubernetes-engine/docs/how-to/oidc. It's easy: creating a ClientConfig with IssuerURI as the URL of the external OIDC provider.
For an EKS cluster I follow this link: https://docs.aws.amazon.com/eks/latest/userguide/authenticate-oidc-identity-provider.html. It's easier, by creating a ClusterConfig and associating it.
But for Azure, I have not got any easy way to configure it.
A few articles suggest a federated approach; a few articles suggest creating a B2C tenant and workflows. I am a bit confused here.
Is there any easy way to associate an external identity provider with an Azure Kubernetes cluster?
@Rahul Katariya Thanks for posting your query on Microsoft Q&A.
You can use Azure Active Directory (Azure AD) to authenticate users to your AKS cluster using OpenID Connect (OIDC). I think the flow should look like this: to configure OIDC authentication, you need to create an Azure AD application and configure it to use your external identity provider as an authentication source. Then, configure the AKS cluster to use the Azure AD application for OIDC authentication.
See Azure AD workload identity. This authentication method integrates with the Kubernetes native capabilities to federate with any external identity providers on behalf of the application.