Integrate with AKS

Create an integration to manage access to a Kubernetes cluster on Azure


With Azure Kubernetes Service (AKS) on Microsoft Azure, AKS simplifies the management complexities of Kubernetes.

Through this integration, Apono helps you securely manage access to your Microsoft Azure Kubernetes cluster.



Prerequisites

Before starting this integration, create or obtain the items listed in the following table.

ItemDescription
Apono ConnectorOn-prem connection installed on the AKS cluster that serves as a bridge between the cluster and Apono
Apono PremiumApono plan providing all available features and dedicated account support
User Access Administrator RoleAzure role that enables granting users the Azure Kubernetes Service Cluster User role.

Apono does not require admin permissions to the Kubernetes environment.


Integrate with Azure Kubernetes Service (AKS)


Use the following steps to complete the integration:

  1. On the Catalog tab, click Azure Kubernetes Service (AKS). The Connect Integration page appears.
  2. Under Discovery, click one or more resource types and cloud services to sync with Apono.

    📘

    Apono automatically discovers and syncs all the instances in the environment. After syncing, you can manage Access Flows to these resources.

  3. Click Next. The Apono connector section appears.
  4. From the dropdown menu, select a connector.

    💡

    If the desired connector is not listed, click + Add new connector and follow the instructions for creating a Kubernetes connector.

  5. Click Next. The Integration Config section expands.
  6. Define the Integration Config settings.
    Setting Description
    Integration Name Unique, alphanumeric, user-friendly name used to identify this integration when constructing an access flow
    Server URL (Optional) URL of the Kubernetes API server used to interact with the Kubernetes cluster
    Certificate Authority (Optional) Certificate that ensures that the Kubernetes API server is trusted and authentic

    Leave this field empty if you want to connect the cluster where the connector is deployed.
    Resource Group (Optional) Resource group where the cluster is deployed

    This is the resourceGroupName.
    Cluster Name (Optional) Cluster name as it appears in AKS

    This is the resourceName.
    Subscription ID (Optional) Subscription ID where the cluster is deployed

  1. Click Next. The Secret Store section expands.
  2. Associate the secret or credentials:
  3. Click Next. The Custom Access Details section expands.
  4. (Optional) Enter Access Details Instructions to explain how to access this function.
  5. Click Confirm.

Now that you have completed this integration, you can create access flows that grant permission to your Azure Kubernetes Service cluster.