AKS: Disable local accounts with Terraform

added by DotNetKicks
2/28/2022 2:49:38 PM

138 Views

When deploying an AKS cluster, even if you configure RBAC or AAD integration, local accounts will be enabled by default. This means that, given the right set of permitions, a user will be able to run the az get-credentials command with the --admin flag which will give you a non-audtibale access to the cluster.


0 comments