Managed Clusters - Reset AAD Profile

Reference

Service:: AKS

API Version:: 2024-09-01

Reset the AAD Profile of a managed cluster.
WARNING: This API will be deprecated. Please see AKS-managed Azure Active Directory integration to update your cluster with AKS-managed Azure AD.

POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}/resetAADProfile?api-version=2024-09-01

URI Parameters

Name	In	Required	Type	Description
resourceGroupName	path	True	string	The name of the resource group. The name is case insensitive.
resourceName	path	True	string	The name of the managed cluster resource. Regex pattern: `^[a-zA-Z0-9]$\|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$`
subscriptionId	path	True	string uuid	The ID of the target subscription. The value must be an UUID.
api-version	query	True	string	The API version to use for this operation.

Request Body

Name	Type	Description
adminGroupObjectIDs	string[]	The list of AAD group object IDs that will have admin role of the cluster.
clientAppID	string	(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.
enableAzureRBAC	boolean	Whether to enable Azure RBAC for Kubernetes authorization.
managed	boolean	Whether to enable managed AAD.
serverAppID	string	(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.
serverAppSecret	string	(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.
tenantID	string	The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.

Responses

Name	Type	Description
200 OK		OK
202 Accepted		Accepted Headers Location: string
Other Status Codes	CloudError	Error response describing why the operation failed. If the cluster doesn't exist, 404 (Not found) is returned.

Name

Type

Description

200 OK

202 Accepted

Accepted

Headers

Location: string

Other Status Codes

CloudError

Error response describing why the operation failed. If the cluster doesn't exist, 404 (Not found) is returned.

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Description
user_impersonation	impersonate your user account

Examples

Reset AAD Profile

Sample request

POST https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1/resetAADProfile?api-version=2024-09-01

{
  "clientAppID": "clientappid",
  "serverAppID": "serverappid",
  "serverAppSecret": "serverappsecret",
  "tenantID": "tenantid"
}

from azure.identity import DefaultAzureCredential

from azure.mgmt.containerservice import ContainerServiceClient

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-containerservice
# USAGE
    python managed_clusters_reset_aad_profile.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = ContainerServiceClient(
        credential=DefaultAzureCredential(),
        subscription_id="00000000-0000-0000-0000-000000000000",
    )

    client.managed_clusters.begin_reset_aad_profile(
        resource_group_name="rg1",
        resource_name="clustername1",
        parameters={
            "clientAppID": "clientappid",
            "serverAppID": "serverappid",
            "serverAppSecret": "serverappsecret",
            "tenantID": "tenantid",
        },
    ).result()


# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersResetAADProfile.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armcontainerservice_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersResetAADProfile.json
func ExampleManagedClustersClient_BeginResetAADProfile() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	poller, err := clientFactory.NewManagedClustersClient().BeginResetAADProfile(ctx, "rg1", "clustername1", armcontainerservice.ManagedClusterAADProfile{
		ClientAppID:     to.Ptr("clientappid"),
		ServerAppID:     to.Ptr("serverappid"),
		ServerAppSecret: to.Ptr("serverappsecret"),
		TenantID:        to.Ptr("tenantid"),
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	_, err = poller.PollUntilDone(ctx, nil)
	if err != nil {
		log.Fatalf("failed to pull the result: %v", err)
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to **WARNING**: This API will be deprecated. Please see [AKS-managed Azure Active Directory integration](https://aka.ms/aks-managed-aad) to update your cluster with AKS-managed Azure AD.
 *
 * @summary **WARNING**: This API will be deprecated. Please see [AKS-managed Azure Active Directory integration](https://aka.ms/aks-managed-aad) to update your cluster with AKS-managed Azure AD.
 * x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersResetAADProfile.json
 */
async function resetAadProfile() {
  const subscriptionId =
    process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
  const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
  const resourceName = "clustername1";
  const parameters = {
    clientAppID: "clientappid",
    serverAppID: "serverappid",
    serverAppSecret: "serverappsecret",
    tenantID: "tenantid",
  };
  const credential = new DefaultAzureCredential();
  const client = new ContainerServiceClient(credential, subscriptionId);
  const result = await client.managedClusters.beginResetAADProfileAndWait(
    resourceGroupName,
    resourceName,
    parameters,
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample response

Status code:: 200

Status code:: 202

location: https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.ContainerService/locations/eastus/operationresults/00000000-0000-0000-0000-000000000000?api-version=2017-08-31

Definitions

Name	Description
CloudError	An error response from the Container service.
CloudErrorBody	An error response from the Container service.
ManagedClusterAADProfile	AADProfile specifies attributes for Azure Active Directory integration.

CloudError

An error response from the Container service.

Name	Type	Description
error	CloudErrorBody	Details about the error.

CloudErrorBody

An error response from the Container service.

Name	Type	Description
code	string	An identifier for the error. Codes are invariant and are intended to be consumed programmatically.
details	CloudErrorBody[]	A list of additional details about the error.
message	string	A message describing the error, intended to be suitable for display in a user interface.
target	string	The target of the particular error. For example, the name of the property in error.

ManagedClusterAADProfile

AADProfile specifies attributes for Azure Active Directory integration.

Name	Type	Description
adminGroupObjectIDs	string[]	The list of AAD group object IDs that will have admin role of the cluster.
clientAppID	string	(DEPRECATED) The client AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.
enableAzureRBAC	boolean	Whether to enable Azure RBAC for Kubernetes authorization.
managed	boolean	Whether to enable managed AAD.
serverAppID	string	(DEPRECATED) The server AAD application ID. Learn more at https://aka.ms/aks/aad-legacy.
serverAppSecret	string	(DEPRECATED) The server AAD application secret. Learn more at https://aka.ms/aks/aad-legacy.
tenantID	string	The AAD tenant ID to use for authentication. If not specified, will use the tenant of the deployment subscription.

Share via

Managed Clusters - Reset AAD Profile

URI Parameters

Request Body

Responses

Security

azure_auth

Scopes

Examples

Reset AAD Profile

Sample request

Sample response

Definitions

CloudError

CloudErrorBody

ManagedClusterAADProfile

Additional resources