https://rancher.com/ logo
Title
g

great-florist-72127

03/29/2023, 9:44 AM
Hi All - I need to generate API keys to access Rancher. Is it possible to authenticate to Rancher using an Azure AD Service Principle instead of an actual user account?
r

refined-analyst-8898

03/29/2023, 11:23 AM
Possibly so, but the familiar pattern to me would be the Azure Service Principle having permission to read the Rancher API credential in secret store/vault.
g

great-florist-72127

03/29/2023, 12:18 PM
Yeah, the issue is that we have a key person dependency - when someone generates an API key, it's tied to their Azure AD account they used to login to Rancher. I've tried using an SP to auth into Rancher to generate a Rancher API key, but there doesn't seem to be any support for using SPs in this way (this is not surprising either)