Static Credentials
Using static credentials
This section contains example Resource Definitions using static credentials for connecting to AKS clusters.
aks-static-credentials.yaml
: use static credentials of a service principal defined via environment variables. This format is for use with the Humanitec CLI.aks-static-credentials-cloudaccount.yaml
: use static credentials defined via a Cloud Account. This format is for use with the Humanitec CLI.
aks-static-credentials-cloudaccount.yaml
(view on GitHub)
:
# Connect to an AKS cluster using static credentials defined via a Cloud Account
apiVersion: entity.humanitec.io/v1b1
kind: Definition
metadata:
id: aks-static-credentials-cloudaccount
entity:
name: aks-static-credentials-cloudaccount
type: k8s-cluster
# The driver_account references a Cloud Account of type "azure"
# which needs to be configured for your Organization.
driver_account: azure-static-creds
driver_type: humanitec/k8s-cluster-aks
driver_inputs:
values:
loadbalancer: 20.10.10.10
name: demo-123
resource_group: my-resources
subscription_id: 12345678-aaaa-bbbb-cccc-0987654321ba
# Add this exact server_app_id for a cluster using AKS-managed Entra ID integration
# server_app_id: 6dae42f8-4368-4678-94ff-3960e28e3630
aks-static-credentials.yaml
(view on GitHub)
:
# NOTE: Providing inline credentials as shown in this example is discouraged and will be deprecated.
# Using a Cloud Account is the recommended approach instead.
# Make sure all ${ENVIRONMENT_VARIABLES} are set when applying this Resource Definition.
apiVersion: entity.humanitec.io/v1b1
kind: Definition
metadata:
id: aks-static-credentials
entity:
name: aks-static-credentials
type: k8s-cluster
driver_type: humanitec/k8s-cluster-aks
driver_inputs:
values:
loadbalancer: 20.10.10.10
name: demo-123
resource_group: my-resources
subscription_id: 12345678-aaaa-bbbb-cccc-0987654321ba
# Add this exact server_app_id for a cluster using AKS-managed Entra ID integration
# server_app_id: 6dae42f8-4368-4678-94ff-3960e28e3630
secrets:
# The "credentials" data correspond to the content of the output
# that Azure generates for a service principal
credentials:
appId: b520e4a8-6cb4-49dc-8f42-f3281dc2efe9
displayName: my-cluster-sp
password: ${SERVICE_PRINCIPAL_PASSWORD}
tenant: 9b8c7b62-aaaa-4444-ffff-0987654321fd