Author: zigmax (Page 44 of 159)

AKS | OPA Gatekeeper Dashboard

Hi!

In a previous article, I showed you how to deploy OPA Gatekeeper in your AKS cluster. In a second article, we saw how to monitor the number of OPA Gatekeeper violations.

In this article, I will show how to deploy a dashboard to monitor your OPA Gatekeeper violations. I recommend using Gatekeeper Policy Manager (GPM), created by Sighupio.

This solution is very easy to deploy: clone the following repository and run this command:

kubectl apply -k .

Once you’ve deployed the application, if you haven’t set up an ingress, you can access the web-UI using port-forward:

kubectl -n gatekeeper-system port-forward  svc/gatekeeper-policy-manager 8080:80

For production use of this solution, I recommend configuring OIDC authentication.

Maxime.

AKS | Auto Upgrade

Hi!

In this article, I would like to show you a new AKS feature whose goal is to automate the upgrade of your AKS cluster.

4 channels are available:

| Channel | Action | Example |
| --- | --- | --- |
| none | Disables auto-upgrades and keeps the cluster at its current version of Kubernetes. | Default setting if left unchanged. |
| patch | Automatically upgrades the cluster to the latest supported patch version when it becomes available, while keeping the minor version the same. | For example, if a cluster is running version 1.17.7 and versions 1.17.9, 1.18.4, 1.18.6, and 1.19.1 are available, your cluster is upgraded to 1.17.9. |
| stable | Automatically upgrades the cluster to the latest supported patch release on minor version N-1, where N is the latest supported minor version. | For example, if a cluster is running version 1.17.7 and versions 1.17.9, 1.18.4, 1.18.6, and 1.19.1 are available, your cluster is upgraded to 1.18.6. |
| rapid | Automatically upgrades the cluster to the latest supported patch release on the latest supported minor version. | In cases where the cluster is at a version of Kubernetes that is at an N-2 minor version, where N is the latest supported minor version, the cluster first upgrades to the latest supported patch version on the N-1 minor version. For example, if a cluster is running version 1.17.7 and versions 1.17.9, 1.18.4, 1.18.6, and 1.19.1 are available, your cluster is first upgraded to 1.18.6, then upgraded to 1.19.1. |

# - Requirements
az feature register --namespace Microsoft.ContainerService -n AutoUpgradePreview

az feature list -o table --query "[?contains(name, 'Microsoft.ContainerService/AutoUpgradePreview')].{Name:name,State:properties.state}"

az provider register --namespace Microsoft.ContainerService
 
# - Create a new cluster with the auto-upgrade feature
az aks create --resource-group myResourceGroup --name myAKSCluster --auto-upgrade-channel stable --generate-ssh-keys
 
# - Update an existing cluster with the auto-upgrade feature
az aks update --resource-group myResourceGroup --name myAKSCluster --auto-upgrade-channel stable
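
The channel rules from the table, worked through as an added example (not code from the original post or from Azure): a simplified Python model that predicts which version(s) a cluster would move to before you pick a channel. The function names are hypothetical, and it assumes the supported minor versions are exactly those present in the list of available versions.

```python
# Added example: a simplified model of the auto-upgrade channel rules.
# It is not Azure's implementation; function names and inputs are assumptions.

def parse(version):
    """'1.18.6' -> (1, 18, 6) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in version.split("."))

def latest_patch(available, minor):
    """Highest available release within one (major, minor) line, or None."""
    line = [v for v in available if v[:2] == minor]
    return max(line) if line else None

def upgrade_path(channel, current, available):
    """Return the ordered list of versions the cluster would be upgraded to."""
    cur = parse(current)
    avail = sorted({parse(v) for v in available})
    minors = sorted({v[:2] for v in avail})  # assumed: the supported minor lines
    if channel == "none" or not avail:
        return []
    if channel == "patch":
        targets = [latest_patch(avail, cur[:2])]
    elif channel == "stable":
        # N-1, where N is the latest supported minor version
        n_minus_1 = minors[-2] if len(minors) >= 2 else minors[-1]
        targets = [latest_patch(avail, n_minus_1)]
    elif channel == "rapid":
        targets = []
        # A cluster at N-2 first goes to the latest N-1 patch, then to N
        if len(minors) >= 3 and cur[:2] == minors[-3]:
            targets.append(latest_patch(avail, minors[-2]))
        targets.append(latest_patch(avail, minors[-1]))
    else:
        raise ValueError(f"unknown channel: {channel}")
    # Never downgrade and never "upgrade" to the version already running
    path = [t for t in targets if t is not None and t > cur]
    return [".".join(map(str, t)) for t in path]

# Constructed input: the versions used in the table's examples
AVAILABLE = ["1.17.9", "1.18.4", "1.18.6", "1.19.1"]

if __name__ == "__main__":
    for channel in ("none", "patch", "stable", "rapid"):
        print(f"{channel:7s}", upgrade_path(channel, "1.17.7", AVAILABLE))
```
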

Maxime.


© 2025 ZiGMaX IT Blog
