Enable Pod Identities on AKS

This section will guide you though enabling the Pod identities feature on your AKS cluster which is necessary for running Arrikto Enterprise Kubeflow.

What You’ll Need


  1. Register the EnablePodIdentityPreview feature:

    root@rok-tools:~# az feature register --name EnablePodIdentityPreview --namespace Microsoft.ContainerService
      "id": "/subscriptions/a8eb0222-2657-4a68-ae60-f06536139029/providers/Microsoft.Features/providers/Microsoft.ContainerService/features/EnablePodIdentityPreview",
      "name": "Microsoft.ContainerService/EnablePodIdentityPreview",
      "properties": {
        "state": "Registered"
      "type": "Microsoft.Features/providers/features"
  2. Wait for it to become Registered:

    root@rok-tools:~# az feature list -o table \
    >    --query "[?contains(name, 'Microsoft.ContainerService/EnablePodIdentityPreview')].{Name:name,State:properties.state}"
    Name                                                 State
    ---------------------------------------------------  ----------
    Microsoft.ContainerService/EnablePodIdentityPreview  Registered
  3. Refresh the registration of the corresponding resource provider:

    root@rok-tools:~# az provider register -n Microsoft.ContainerService
  4. Update your AKS cluster to enable Pod identities:

    root@rok-tools:~# az aks update \
    >    --resource-group ${AZ_RESOURCE_GROUP?} \
    >    --name ${CLUSTERNAME?} \
    >    --enable-pod-identity


You have successfully updated your AKS cluster to enable Pod Identities.

What’s Next

The next step is to deploy Rok.