AAD Pod Identity
By default, pods are not assigned Azure AD identities and require out-of-band management of credentials to gain access to resources. The cluster itself will assign a single <cluster name>-agentpool
identity to all of the cluster nodes as a user-assigned identity. AAD Pod Identity allows defining AzureIdentity
objects for managed identities which can the bound to pods via AzureIdentityBinding
objects.
Backlinks