You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/aks/trusted-access-feature.md
+4-7Lines changed: 4 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,13 +4,13 @@ description: Learn how to use the Trusted Access feature to enable Azure resourc
4
4
author: schaffererin
5
5
services: container-service
6
6
ms.topic: article
7
-
ms.date: 02/22/2023
7
+
ms.date: 02/23/2023
8
8
ms.author: schaffererin
9
9
---
10
10
11
-
# Enable Azure resources to access Azure Kubernetes Service (AKS) clusters using Trusted Access (PREVIEW)
11
+
# Enable Azure resources to access Azure Kubernetes Service (AKS) clusters using Trusted Access (Preview)
12
12
13
-
Many Azure services that integrate with Azure Kubernetes Service (AKS) need access to the Kubernetes API server. In order to avoid granting these services admin access or having to keep your AKS clusters public for network access, you can use the AKS Trusted Access feature.
13
+
Many Azure services that integrate with Azure Kubernetes Service (AKS) need access to the Kubernetes API server. In order to avoid granting these services admin access or having to keep your AKS clusters public for network access, you can use the AKS Trusted Access feature.
14
14
15
15
This feature allows services to securely connect to AKS and Kubernetes via the Azure backend without requiring private endpoint. Instead of relying on identities with [Microsoft Azure Active Directory (Azure AD)](../active-directory/fundamentals/active-directory-whatis.md) permissions, this feature can use your system-assigned managed identity to authenticate with the managed services and applications you want to use on top of AKS.
16
16
@@ -22,9 +22,6 @@ Trusted Access addresses the following scenarios:
22
22
23
23
* For example, you may have to implement high-privileged service-to-service permissions, which aren't ideal during audit reviews.
24
24
25
-
> [!NOTE]
26
-
> Using the Trusted Access feature on Azure RBAC-enabled clusters isn't supported.
27
-
28
25
This article shows you how to enable secure access from your Azure services to your Kubernetes API server in AKS using Trusted Access.
29
26
30
27
[!INCLUDE [preview features callout](./includes/preview/preview-callout.md)]
@@ -38,7 +35,7 @@ Trusted Access enables you to give explicit consent to your system-assigned MSI
38
35
* An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
39
36
* Resource types that support [system-assigned managed identity](../active-directory/managed-identities-azure-resources/overview.md).
40
37
* Pre-defined Roles with appropriate [AKS permissions](concepts-identity.md).
41
-
* To learn about what Roles to use in various scenarios, see [AzureML access to AKS clusters with special configurations](../machine-learning/azureml-aks-ta-support.md).
38
+
* To learn about what Roles to use in various scenarios, see [AzureML access to AKS clusters with special configurations](https://github.com/Azure/AML-Kubernetes/blob/master/docs/azureml-aks-ta-support.md).
42
39
* If you're using Azure CLI, the **aks-preview** extension version **0.5.74 or later** is required.
43
40
44
41
First, install the aks-preview extension by running the following command:
0 commit comments