❗ IMPORTANT: As mentioned in the announcement, we are planning to replace AAD Pod Identity with Azure Workload Identity. Going forward, we will no longer add new features to this project in favor of Azure Workload Identity. However, we will continue patching critical bugs and security vulnerabilities until further notice. Refer to doc for release cadence.
AAD Pod Identity enables Kubernetes applications to access cloud resources securely with Azure Active Directory.
Using Kubernetes primitives, administrators configure identities and bindings to match pods. Then without any code modifications, your containerized applications can leverage any resource in the cloud that depends on AAD as an identity provider.
Setup the correct role assignments on Azure and install AAD Pod Identity through Helm or YAML deployment files. Get familiar with our CRDs and core components.
Try our walkthrough to get a better understanding of the application workflow.
Currently, AAD Pod Identity releases on a monthly basis to patch security vulnerabilities, targeting the first week of the month. Refer to Release Cadence for more details.
This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
aad-pod-identity is an open source project that is not covered by the Microsoft Azure support policy. Please search open issues here, and if your issue isn't already represented please open a new one. The project maintainers will respond to the best of their abilities.