Hey friendly folks, Has anyone experienced constant prompts to sign in with a device token when deploying resources to an AKS cluster?

To sign in, use a web browser to open the page <https://microsoft.com/devicelogin> and enter the code HUUTYL7CP to authenticate.

I've deployed the crosswalk stacks to AKS but when I go to deploy resources to the cluster, I get 3 prompts per deployment The only way to successfully deploy resources is to do an unattended deploy and output the logs to a file and watch the file for the devicelogin prompts

pulumi up --yes  > debug.log

Frustrating 🙂

I never used Crosswalk, but I'm familiar with the prompt are you using the AAD integration for AKS?

@jolly-bear-34819, maybe? 😕 The Crosswalk guide provisions an Identity stack which looks similar (but not the same) as the MS AAD with AKS docs So yes, it is using AAD (I believe) but not 100% sure if it's correct sorry. I'm very new to k8s and AKS sorry 😣

If you integrate your cluster with AAD, Azure will create two kubeconfigs: a "normal" and an admin config the prompt comes when you are using the normal config, which requires you to log in with your Azure user I'm not sure how you deploy resources to the cluster, but if possible try to use the admin config, which doesn't require a log in

Thanks @jolly-bear-34819, using the admin config helped in that it reduced the number of times I'm prompted from 3 to 1 but i still get prompted