Hello,
Looking for some insight on disabling Kubernetes local accounts in Azure aks.
I have the following definition short version:
resource "azurerm_kubernetes_cluster" "cluster" {
name = var.cluster_name
node_resource_group = var.node_resource_group
location = var.region
resource_group_name = var.resource_group_name
kubernetes_version = var.kubernetes_version
dns_prefix = var.dns_prefix
local_account_disabled = true
azure_active_directory_role_based_access_control {
managed = true
}
Also experimented with additional options
role_based_access_control_enabled = true
and setting admin_group_object_ids
However, no matter what, in Azure portal I still see “Kubernetes local accounts” checked.
Local account is a legacy config and is important to insure this is disabled.
azurerm version is 3.5.0
k8s version 1.25.5
Any pointers are much appreciated. Thank you!