Azure AKS – Kubernetes Dashboard with RBAC Enabled

If you have recently deployed a kubernetes instance on Azure, you might have noticed that if you have selected RBAC enabled in your kubernetes cluster, the dashboard that comes preinstalled on the k8s cluster, has only the minimal permission. In order to have additional permission you would need to create a new cluster role bindings and assign the kubernetes-dashboard user an elevated permission

For example, if you want to give cluster-admin role to kubernetes dashboard, the following command can help you

kubectl delete clusterrolebinding kubernetes-dashboard -n kube-system
kubectl create clusterrolebinding kubernetes-dashboard --clusterrole=cluster-admin --serviceaccount=kube-system:kubernetes-dashboard

Once the new role is added, go ahead and retrieve the token for authentication

kubectl get secret $(kubectl get serviceaccount kubernetes-dashboard -n kube-system -o jsonpath="{.secrets[0].name}") -n kube-system -o jsonpath="{.data.token}" | base64 --decode

Open the dashboard URL

http://127.0.0.1:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#/overview?namespace=default

Select Token an authentication and enter the token that you obtained and you should be good to go.

Leave a Reply

Your email address will not be published.