ASO API - AKS Automatic Authentication Failure #5017
Assignees
Labels
kind/bug
Categorizes issue or PR as related to a bug.
priority/important-longterm
Important over the long term, but may not be staffed and/or may need multiple releases to complete.
size/L
Denotes a PR that changes 100-499 lines, ignoring generated files.
triage/accepted
Indicates an issue or PR is ready to be actively worked on.
Milestone
Comments
mboersma
added
the
needs-triage
|
I think I have a decent handle on this. /triage accepted |
k8s-ci-robot
added
the
triage/accepted
nojnhuh
removed
the
needs-triage
|
/priority backlog |
k8s-ci-robot
added
the
priority/backlog
|
I've been working on this in the background and have it mostly working, but don't want to rush anything for the release next week. /milesone next |
|
/milestone next |
dtzar
added
priority/important-longterm
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
/kind bug
What steps did you take and what happened:
When integrating the new ASO API with an AKS Automatic resource, I discovered that the reconciler cannot authenticate with the newly provisioned cluster. By default, AKS Automatic uses Entra ID with Azure RBAC integration. This setup causes the reconciler to fail authentication, preventing reconciliation completion.
Cluster authentication and authorization
What did you expect to happen:
The reconciler successfully authenticates with the cluster using Azure RBAC. Maybe similar to how the AzureClusterIdentity object is used.
Anything else you would like to add:
Management cluster is using AKS Automatic with the Cluster API Operator and Workload Identity to authenticate.
Environment:
The text was updated successfully, but these errors were encountered: