BoyWithLaziness

Reputation: 44

How to use Managed Identity to fetch credentials on AKS environment?

I have a Node (NestJS) application deployed in AKS; the clusters were created using kubenet network. The Node application needs to access the SQL DB. We have configured managed identities, so it'll be a user managed identity. To create the connection I'm using a token-based approach, where I get the credentials using the https://www.npmjs.com/package/@azure/identity package (using DefaultAzureCredential locally and ManagedIdentityCredential on the server), and with those credentials I get the token, and then the token is used in creating the DB connection. Locally it worked fine, using DefaultAzureCredential and az cli with a user logged in. But on AKS it throws an error saying no managed identity found (when ManagedIdentityCredential is used). Why is that? Please help me get to the solution; it has become a huge blocker.

Upvotes: 0

Views: 1113

Answers (1)

koushik

Reputation: 358

Have you checked if the AAD identity is created?

kubectl get azureidentity -n $POD_IDENTITY_NAMESPACE
kubectl get azureidentitybinding -n $POD_IDENTITY_NAMESPACE

If not, add it on the cluster. There should be pods in a namespace which control the traffic flow to Microsoft AAD, so Node Managed Identity (NMI), and describe node reveals pods on the node which intercept the calls.

Check out the docs

Upvotes: 0
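
The check the answer describes, extended to the whole chain from pod label to binding to identity, as an added example that is not part of the original answer. It assumes aad-pod-identity's `aadpodidbinding` pod label and the `spec.selector`, `spec.azureIdentity`, `spec.type` and `spec.clientID` fields; `diagnosePodIdentity` and all sample objects are constructed for illustration.

```javascript
// Inputs are the parsed JSON of `kubectl get azureidentity,azureidentitybinding -o json`
// and `kubectl get pod <name> -o json`. diagnosePodIdentity is a hypothetical helper.
function diagnosePodIdentity(pod, identities, bindings, expectedClientId) {
  const selector = (pod.metadata.labels || {}).aadpodidbinding;
  if (!selector) {
    return ["pod has no 'aadpodidbinding' label, so NMI cannot map it to an identity"];
  }
  const matching = bindings.filter((b) => b.spec.selector === selector);
  if (matching.length === 0) {
    return [`no AzureIdentityBinding has selector '${selector}'`];
  }
  const problems = [];
  for (const b of matching) {
    const id = identities.find((i) => i.metadata.name === b.spec.azureIdentity);
    if (!id) {
      problems.push(`binding '${b.metadata.name}' points at missing AzureIdentity '${b.spec.azureIdentity}'`);
    } else if (id.spec.type !== 0) {
      // type 0 is a user-assigned managed identity in aad-pod-identity
      problems.push(`AzureIdentity '${id.metadata.name}' is not type 0 (user-assigned MSI)`);
    } else if (id.spec.clientID.toLowerCase() !== expectedClientId.toLowerCase()) {
      problems.push(`AzureIdentity '${id.metadata.name}' clientID differs from the one the app requests`);
    }
  }
  return problems;
}

// Constructed sample objects (placeholder GUID, not from a real cluster).
const CLIENT_ID = "00000000-0000-0000-0000-000000000001";
const identities = [
  { metadata: { name: "sql-identity" }, spec: { type: 0, clientID: CLIENT_ID } },
];
const bindings = [
  { metadata: { name: "sql-binding" }, spec: { azureIdentity: "sql-identity", selector: "sql-app" } },
];
const labelledPod = { metadata: { name: "api-1", labels: { aadpodidbinding: "sql-app" } } };
const unlabelledPod = { metadata: { name: "api-2", labels: { app: "api" } } };

console.log(diagnosePodIdentity(labelledPod, identities, bindings, CLIENT_ID));
console.log(diagnosePodIdentity(unlabelledPod, identities, bindings, CLIENT_ID));
```

An empty result means the Kubernetes-side wiring is consistent, so the remaining places to look are the NMI pods and the identity's role assignments.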
