/aks-workload-id-101

Seamlessly Integrating Azure Kubernetes Service (AKS) with Azure KeyVault Using Workload Identity: A Comprehensive Guide

Primary LanguageBicepMIT LicenseMIT

aks-workload-id-101

Introduction

Seamlessly Integrating Azure Kubernetes Service (AKS) with Azure KeyVault Using Workload Identity: A Comprehensive Guide for Beginners.

Prerequisites

  1. Azure Subscription
  2. Azure CLI
  3. Kubernetes Tools (Kubectl, Helm, Kustomize)
  4. NodeJS
  5. Docker
  6. Taskfile

or All-in-one 🚀 VSCode + DevContainer

Getting Started

  1. Clone the repository
git clone https://github.com/phucnt1992/aks-workload-id-101.git
  1. To start the minikube and deploy the application
task minikube

task deploy TARGET=minikube -y
  1. To deploy Bicep template
task az-deploy -y
  1. Create .env file and update values
cp .env.example .env
  1. To prepare the secrets and federate the identity
task aks-populatesecrets

task aks-createfed
  1. To deploy the application to AKS
task az-login

task deploy TARGET=dev -y

Known Issues

Thumbnail image is not displayed in the product detail page. This is due to the fact that the image is stored in the local file system and the application is not able to access it. The solution is to store the image in the cloud storage and update the image URL in the database. Or follow this guideline to manually update domain

References

  1. Workload Identity
  2. Deploy and configure cluster
  3. Workload Identity Federation
  4. Saleor Architecture