Reading Time: 2 minutes
Share:
Twitter
LinkedIn
Facebook
Reddit
Whatsapp
Follow by Email

You may not know, but by default, AKS clusters are created with a service principal and that service principal has a one-year expiration time. Luckily there is an easy solution to update the credentials and this blog post is going to show you how to do it!

Note: You will need Azure CLI 2.0.65 or later to be able to follow this blog post. To check what version you have run az-version to find your version.  To upgrade or install you can follow this guide. tps://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest

Time to start

So, first, you need to get the service principal that we are using for your AKS cluster. To do that in your terminal use the following. Just make sure to change it to match your resource group and AKS cluster.

Don’t worry about the orange text in my terminal. I have been playing with the AKS-preview commands so it is just a warning. You will not see it.

So now we have the Service Principal ID saved as a SP_ID variable. We will be using it next.

Let’s update the Service Principal

In the same window using the following to update your service principal with a password automatically generated by Azure. The code also saves the new password to a variable so you can find it later to update your password manager. You might need it for IaC deployments.

If you want to see your Service Principal credentials use the following.

Awesome, you have updated your service principal credentials, but you are not finished yet. Now you have to Update your AKS cluster with the new credentials.

Update AKS

In the same window enter the following code. You will need to change your resource group name and AKS cluster name.

That’s it! You have now updated your service principals credentials and also updated your AKS cluster with the new credentials.

Add an entry in your calendar to repeat this next year.

I hope you found this article helpful. If you have any questions or comments reach out below or via social media.

Share:
Twitter
LinkedIn
Facebook
Reddit
Whatsapp
Follow by Email

Pixel Robots.

I’m Richard Hooper aka Pixel Robots. I started this blog in 2016 for a couple reasons. The first reason was basically just a place for me to store my step by step guides, troubleshooting guides and just plain ideas about being a sysadmin. The second reason was to share what I have learned and found out with other people like me. Hopefully, you can find something useful on the site.

1 Comment

Robin · January 15, 2021 at 12:18 pm

Thank you very much, you’re a life saver!

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *