kubelogin enabled cluster device login takes CLIENT ID from ENV variable #427
Comments
|
I have just discovered this as well after starting the process of migrating clusters to managed aad enabled. Please fix this as our developers at times use env variables for azure identity auth in c# applications. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi Team,
We have a kubelogin enabled AKS and after downloading the config file when we try to execute kubectl get ns command.
user:
exec:
apiVersion: client.authentication.k8s.io/v1beta1
args:
- get-token
- --login
- devicecode
per above it forces to authenticate device via a code.
To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code GLHKGGU9X to authenticate.
At this step, it picks up CLIENT ID from env variable "AZURE_CLIENT_ID" instead of taking up the value for Config file. Due to this we faced lots of trouble in logging in to k8 cluster, please let me know if any questions.
MSFT support team helped fix the issue by removing the env variable, however I was advised to raise this ticket to get this fixed.
The text was updated successfully, but these errors were encountered: