Integrate with AKS

Overview

With a connector installed on your Kubernetes platform, the next step is setting permissions for Apono to manage access control.

Step by step guide

Prerequisites

  • An Apono Kubernetes connector installed on the AKS cluster you want to integrate
  • User Access Administrator role in Azure to grant users the Azure Kubernetes Service Cluster User Role role. Note: Apono does not require admin permissions to your environment

🚧

Please note! If you installed the Apono connector on the cluster, there is no need to provide the secret in the Add Integration form in the UI.

The connector already handles the secret ;)

Integrate Apono with AKS

Grant requesters the Azure Kubernetes Service Cluster User Role

Your users need the Azure Kubernetes Service Cluster User Role role in the cluster or cluster's resource group/subscription scope. This allows them to run the az aks get-credentials command.

Read more on how to do that here.

Select a Connector

  1. Select AKS from the Catalog.
  2. On the next page, select an existing connector installed on the AKS cluster from the drop-down list.
  3. Click Next to view the AKS integration form.

Complete the Integration Form

  1. Integration name: Give the integration a name.
  2. If you installed the Apono connector on the AKS cluster, ignore the optional params and the secret
    1. Resource Group: The resource group the cluster is installed in from the Azure admin panel
    2. Cluster name: The unique name of the cluster you are integrating
    3. Server URL: Not required if you installed the Apono connector on the AKS cluster
    4. Certificate authority: Not required if you installed the Apono connector on the AKS cluster

Results

Integration of Apono with AKS is now complete.

Next Steps

  1. Manage users and groups. If you have and IdP set up, for example Okta or Azure AD, you may want to integrate Apono in order to sync users and groups.
  2. You can now control access to this resource by defining Access Flows.
  3. Make it easy for your users to request access by integrating your Slack or Teams organization with Apono.