Skip MFA with az aks get-credential command

Context

AKS is better integrated to Azure Active Directory. In the past, at each az aks get-credentials command you should re-enter MFA using Azure Portal.

Now, the azure credentials will be used to signed the kubeconfig token.

What does it change ?

BEFORE

Get AKS kubeconfig
Enable manually MFA
Access to the cluster

AFTER

Get AKS kubeconfig
Skip MFA using a script which use the azure-cli token
Access to the cluster

What to do ?

Prerequisites

Install kubelogin

# install
$ brew install Azure/kubelogin/kubelogin

# upgrade
$ brew update
$ brew upgrade Azure/kubelogin/kubelogin

Use AKS

# Get AKS kubeconfig
$ az aks get-credentials --name $INSTANCE_NAME --resource-group $INSTANCE_NAME

# use azure-cli token
kubelogin convert-kubeconfig -l azurecli

Then, access to your cluster (without re-enabling MFA)

Context​

What does it change ?​

What to do ?​

Prerequisites​

Use AKS​

Context

What does it change ?

What to do ?

Prerequisites

Use AKS