Use the command below to create a new AKS cluster with an Entra ID admin group.
az aks create --resource-group myResourceGroup --name myManagedCluster --enable-aad --aad-admin-group-object-ids <id> [--aad-tenant-id <id>] --generate-ssh-keys
Use the command below to enable it on an existing cluster.
az aks update --resource-group MyResourceGroup --name myManagedCluster --enable-aad --aad-admin-group-object-ids <id-1>,<id-2> [--aad-tenant-id <id>]
We can confirm the Entra ID settings, and also view them in JSON format.
AKS Cluster – Settings – Security Configuration – Authentication and Authorization.
JSON format:
Overview – JSON View
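One way to script the confirmation step above, as an added example (not code from the original post): it reads the JSON that az aks show prints and checks the aadProfile block against the admin groups you intended to set. The function name, the sample JSON and the placeholder IDs are constructed for illustration; the key names (managed, adminGroupObjectIDs, tenantId) are assumed to match the az CLI output.

```python
import json
import re

GUID = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)

# Constructed placeholder IDs, not real objects.
G1 = "11111111-1111-1111-1111-111111111111"
G2 = "22222222-2222-2222-2222-222222222222"
TENANT = "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"

# Constructed sample of the relevant part of `az aks show` output.
SAMPLE = json.loads("""
{"name": "myManagedCluster",
 "aadProfile": {"managed": true,
                "adminGroupObjectIDs": ["%s", "%s"],
                "tenantId": "%s"}}
""" % (G1, G2, TENANT))

def check_aad_profile(cluster, expected_groups, expected_tenant=None):
    """Return a list of findings for the aadProfile block; empty means OK."""
    profile = cluster.get("aadProfile")
    if not profile:
        return ["aadProfile is empty: Entra ID integration is not enabled"]
    findings = []
    if not profile.get("managed"):
        findings.append("managed is not true: not AKS-managed Entra ID")
    # adminGroupObjectIDs may be null when no group was supplied.
    configured = {g.lower() for g in profile.get("adminGroupObjectIDs") or []}
    expected = {g.lower() for g in expected_groups}
    for g in sorted(configured):
        if not GUID.match(g):
            findings.append(f"admin group id is not a GUID: {g}")
    # A group you did not set holds cluster-admin rights: flag it.
    for g in sorted(configured - expected):
        findings.append(f"unexpected admin group: {g}")
    for g in sorted(expected - configured):
        findings.append(f"expected admin group missing: {g}")
    if not configured:
        findings.append("no admin group configured")
    tenant = (profile.get("tenantId") or "").lower()
    if expected_tenant and tenant != expected_tenant.lower():
        findings.append(f"tenant mismatch: {tenant or '<none>'}")
    return findings

if __name__ == "__main__":
    # Only G1 was intended, so G2 is reported as unexpected.
    for finding in check_aad_profile(SAMPLE, [G1], TENANT) or ["OK"]:
        print(finding)
```

To check a real cluster, save the output of az aks show for the cluster to a file, load it with json.load, and pass it in place of SAMPLE.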

Get the user credentials to access your cluster using the az aks get-credentials command.
az aks get-credentials --resource-group myResourceGroup --name myManagedCluster
Windows:
az aks install-cli
Follow the instructions to sign in.
Set kubelogin to use the Azure CLI.
kubelogin convert-kubeconfig -l azurecli
Mac:
# install
brew install Azure/kubelogin/kubelogin
# upgrade
brew update
brew upgrade Azure/kubelogin/kubelogin
Set kubelogin to use the Azure CLI.
kubelogin convert-kubeconfig -l azurecli
View the pods in the cluster, across all namespaces, with the kubectl get pods command.
kubectl get pods --all-namespaces --output=wide
It will print a line of text with a URL and a code:
https://microsoft.com/devicelogin
The above URL redirects to the Microsoft AD login. There you need to log in with your Azure Active Directory credentials. This enables kubectl access from your terminal or shell.
