Skip MFA with az aks get-credential command

Context

Before the Atik 1.20, AKS is better integrated to Azure Active Directory. In the past, at each az aks get-credentials command you should re-enter MFA using Azure Portal.

From Atik 1.20, the azure credentials will be used to signed the kubeconfig token.

What does it change ?

BEFORE

1) Get AKS kubeconfig 2) Enable manually MFA 3) Access to the cluster

AFTER

1) Get AKS kubeconfig 2) Skip MFA using a script which use the azure-cli token 3) Access to the cluster

What to do ?

Prerequisites

Install kubelogin

# install
$ brew install Azure/kubelogin/kubelogin

# upgrade
$ brew update
$ brew upgrade Azure/kubelogin/kubelogin

Use AKS

# Get AKS kubeconfig
$ az aks get-credentials --name $INSTANCE_NAME --resource-group $INSTANCE_NAME

# use azure-cli token
kubelogin convert-kubeconfig -l azurecli

Then, access to your cluster (without re-enabling MFA)

Skip MFA with az aks get-credential command

Context​

What does it change ?​

What to do ?​

Prerequisites​

Use AKS​

Context

What does it change ?

What to do ?

Prerequisites

Use AKS