Using C# integrate with AKS API Server endpoint via AzureCredential

You can use the following code to call your AKS API Endpoint. At the end of the day, it is just API and Kubernetes RBAC. HTTPS API code are given below. 

As for setting up the kubernetes RBAC, we need to create the group, user ass you would do normally. 

Then you need to setup the RBAC. Remember if you need to call the API Server, there's a webhook that validates and check if you are permitted to call it. This has to be configure using kubernetes RBAC - role/rolebinding or clusterrole/clusterrolebinding.

As for the credential - it can be managed identity or your az login credential. But for our test, I am using az cli credential. But i will be deploying this to a workload identity.

// ignore certificate issues

var handler = new HttpClientHandler()

{

    ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator

};

// Get the proper token for your login credentials

var creds = new DefaultAzureCredential();

var token = await creds.GetTokenAsync(new Azure.Core.TokenRequestContext(new[] { "6dae42f8-4368-4678-94ff-3960e28e3630/.default" }));

// setup http client and then connects

using (HttpClient hclient = new HttpClient(handler))

{

    hclient.SetBearerToken(token.Token);

    hclient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.Token);

    var result = await hclient.GetAsync("https://your-aks-api-server-endpoint:443/api/v1/namespaces/sre/pods");

    var t = await result.Content.ReadAsStringAsync();

    Console.WriteLine(t);

}