You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: AKS-Arc/azure-rbac-local.md
+14-4Lines changed: 14 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,8 +6,8 @@ ms.custom: devx-track-azurecli
6
6
author: sethmanheim
7
7
ms.author: sethm
8
8
ms.reviewer: leslielin
9
-
ms.date: 05/21/2025
10
-
ms.lastreviewed: 05/21/2025
9
+
ms.date: 07/25/2025
10
+
ms.lastreviewed: 07/25/2025
11
11
12
12
# Intent: As an IT Pro, I want to use Azure RBAC to authenticate connections to my AKS clusters over the Internet or on a private network.
13
13
# Keyword: Kubernetes role-based access control AKS Azure RBAC AD
@@ -45,7 +45,17 @@ Before you begin, make sure you have the following prerequisites:
45
45
az extension update --name connectedk8s
46
46
```
47
47
48
-
- To interact with Kubernetes clusters, you must install [**kubectl**](https://kubernetes.io/docs/tasks/tools/) and [**kubelogin**](https://azure.github.io/kubelogin/install.html).
48
+
- To interact with Kubernetes clusters, you must install [**kubectl**](https://kubernetes.io/docs/tasks/tools/) and [**kubelogin**](https://azure.github.io/kubelogin/install.html). You can use the following Azure CLI or Azure PowerShell commands to install both **kubectl** and **kubelogin**:
49
+
50
+
# [Azure CLI](#tab/cli)
51
+
52
+
Install kubectl locally using the [az aks install-cli](/cli/azure/aks?view=azure-cli-latest#az-aks-install-cli&preserve-view=true) command.
53
+
54
+
# [PowerShell](#tab/powershell)
55
+
56
+
Install kubectl locally using the [Install-AzAksCliTool](/powershell/module/az.aks/install-azaksclitool?view=azps-14.2.0&preserve-view=true) cmdlet.
57
+
58
+
---
49
59
- The following permissions are required to enable Azure RBAC when creating a Kubernetes cluster:
50
60
- To create a Kubernetes cluster, the [**Azure Kubernetes Service Arc Contributor**](/azure/role-based-access-control/built-in-roles/containers#azure-kubernetes-service-arc-contributor-role) role is required.
51
61
- To use the `--enable-azure-rbac` parameter, the [**Role Based Access Control Administrator**](/azure/role-based-access-control/built-in-roles/privileged#role-based-access-control-administrator) role is required for access to the **Microsoft.Authorization/roleAssignments/write** permission.
@@ -222,4 +232,4 @@ az role definition delete -n "AKS Arc Deployment Reader"
222
232
-[Access and identity options](concepts-security-access-identity.md) for AKS enabled by Azure Arc
223
233
-[Create an Azure service principal with Azure CLI](/cli/azure/azure-cli-sp-tutorial-1)
224
234
- Available Azure permissions for [Hybrid + Multicloud](/azure/role-based-access-control/resource-provider-operations#microsoftkubernetes)
225
-
- Help to protect your cluster in other ways by following the guidance in the [security book for AKS enabled by Azure Arc](/azure/azure-arc/kubernetes/conceptual-security-book?toc=/azure/aks/aksarc/toc.json&bc=/azure/aks/aksarc/breadcrumb/toc.json).
235
+
- Help to protect your cluster in other ways by following the guidance in the [security book for AKS enabled by Azure Arc](/azure/azure-arc/kubernetes/conceptual-security-book?toc=/azure/aks/aksarc/toc.json&bc=/azure/aks/aksarc/breadcrumb/toc.json).
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments