Can someone tell me which option is better to integrate Azure Key Vault with AKS Clusters

0 votes
Can someone tell me which option is better to integrate Azure Key Vault with AKS Clusters?

Is it FlexVolume using Service Principal as Secret or FlexVolume using AAD Pod Identity?
Feb 4, 2020 in Azure by anonymous
• 19,610 points
1,729 views

1 answer to this question.

0 votes

I would say Flexvolume using aad pod identity is ok as long as you kerberized the azure active directory. That way no azure active directory password is being sent over ldaps or tls1.2

answered Feb 4, 2020 by Sam
• 6,260 points

But can we use azure active directory pod Identity in production environment?

Yes you can, it's just not a standard yet. In other word you can implement it but with some acceptable risk. You can try this code as a trial: https://github.com/Azure/aad-pod-identity
And what are your views on FlexVolume using Service Principal??
Service principal is a proprietary Microsoft solution to use tokenized azure ad service principal to authorize pod. However it is not an open standard even though its might work great
Okay. Thanks!

Related Questions In Azure

0 votes
1 answer

How can i upload to Azure Blob storage with Shared Access key?

For GetBlobReferenceFromServer to work, the blob must be present ...READ MORE

answered Jun 12, 2018 in Azure by club_seesharp
• 3,450 points
3,603 views
0 votes
1 answer

Which Azure database is more suitable to me?

Hello @ Lakshminarayanan, Both the Azure SQL Database and ...READ MORE

answered Jul 8, 2020 in Azure by Niroj
• 82,840 points

edited Jul 4, 2023 by Khan Sarfaraz 863 views
0 votes
1 answer

How to serialize and de-serialize a PFX certificate in Azure Key Vault?

Here's a PowerShell script for you. Replace ...READ MORE

answered Sep 24, 2018 in Azure by club_seesharp
• 3,450 points
1,770 views
0 votes
1 answer

Which is better: Azure Blob or Azure Table?

The best solution is blob storage with ...READ MORE

answered Mar 5, 2019 in Azure by Archana
• 5,640 points
765 views
0 votes
1 answer

How to add a body to a HttpWebRequest that is being used with the Azure Service management API?

The following code should help: byte[] buf = ...READ MORE

answered Apr 3, 2019 in Azure by Prerna
• 1,960 points
2,716 views
0 votes
1 answer
0 votes
1 answer
0 votes
1 answer
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP