Description
We have multiple AKS clusters in different tenants and we would like to have passwordless integration with ACR. Today it is possible to set up integration between AKS and ACR with the help of managed identities. However, since managed identities do not support multi-tenant access, this solution probably will not allow cross-tenant AKS to ACR integration.
Today we use an AD application with a password to have cross-tenant access, but we still use AD credentials in our cluster, which we have to rotate and manage.
We would like to have a passwordless option for an AKS cluster in one tenant to access ACR in another tenant. Not sure how this can be implemented, maybe somehow similar to the existing solution with an AD application with a password to have cross-tenant access, but using federated credentials for the AD application.