Skip to content

Commit 39a72e3

Browse files
learn-build-service-prod[bot]learn-build-service-prod[bot]
authored
Merge pull request #3265 from MicrosoftDocs/main638588196614961438sync_temp
For protected branch, push strategy should use PR and merge to target branch method to work around git push error
2 parents 014a134 + da45b9f commit 39a72e3

File tree

1 file changed

+2
-0
lines changed

1 file changed

+2
-0
lines changed

AKS-Hybrid/kubernetes-rbac-entra-id.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,8 @@ Before you set up Kubernetes RBAC using Microsoft Entra ID, you need the followi
3232
- **Azure CLI and the connectedk8s extension**. Azure CLI is a set of commands used to create and manage Azure resources. To check whether you have the Azure CLI, open a command line tool, and type: `az -v`. Also, install the [connectedk8s extension](https://github.com/Azure/azure-cli-extensions/tree/main/src/connectedk8s) in order to open a channel to your Kubernetes cluster. For installation instructions, see [How to install Azure CLI](/cli/azure/install-azure-cli).
3333
- **Kubectl**. This Kubernetes command-line tool enables you to run commands targeting your Kubernetes clusters. To check whether you installed kubectl, open a command prompt and type: `kubectl version --client`. Make sure your kubectl client version is at least version v1.24.0. For installation instructions, see [kubectl](https://kubernetes.io/docs/tasks/tools/#kubectl).
3434
- **PowerShell and the AksHci PowerShell module**. PowerShell is a cross-platform task automation solution comprised of a command-line shell, a scripting language, and a configuration management framework. If you installed AKS Arc, you have access to the **AksHci** PowerShell module.
35+
- To access the Kubernetes cluster from anywhere with a proxy mode using `az connectedk8s proxy` command, you need the **Microsoft.Kubernetes/connectedClusters/listClusterUserCredential/action**, which is included in the **Azure Arc-enabled Kubernetes Cluster User** role permission. Meanwhile, you need to verify that the agents and the machine performing the onboarding process meet the network requirements in [Azure Arc-enabled Kubernetes network requirements](/azure/azure-arc/kubernetes/network-requirements?tabs=azure-cloud#details).
36+
3537

3638
## Optional first steps
3739

0 commit comments

Comments
 (0)