Creating an Azure az cli extension for AKS Non Interactive Auth


In the previous 4 part article series, we went through how Authentication and Authorization works in your AKS RBAC enabled cluster, as well as how you can Non Interactively connect to your AKS cluster.

We created a simple python script to show this Non Interactive Connection via code.

In this article, we want to explore how we can integrate our previous script into an az cli extension, so we can just call our non interactive code via an az cli call.

The Azure az CLI extension setup uses a Command Line Interface framework called knack Knack allows us to specify commands, arguments, factories, validators, help etc when creating a command line interface.

Once we extend from the Azure’s azCommandLoader, we get to inherit the az part of the command structure as well as global arguments such as subscription id, which may form part of our implementations.

Next we just need to create our Python Wheel project and add this through the az extension add.

Project Structure and Files

Let’s first create our required project structure. You can check out Microsoft’s real examples here for some help on your az cli extension journey:

We’ll first create our project name aksauth and we’ll import that directory into vscode. will define our Python wheel project, it’s dependencies and it’s packages

setup.cfg will define our packaging format

Next we’ll create a directory called azext_aksauth to store our cli application package.

azext_aksauth/ Here is where we extend Azure’s az cli (AzCommandsLoader). We’ll load our own sub commands as well as the sub command’s arguments as well as the entry point to our command implementations.

azext_aksauth/ — Allows us to provide help strings to each of our sub commands.

azext_aksauth/ — Allows us to validate arguments for our sub commands

azext_aksauth/ — The implementation of our sub commands

For now that’s enough to get you started and integrate the code we wrote in the previous articles. I’d recommend you look at the documentation and check out some of Microsoft’s own examples for how you can structure your code for larger more complex projects.


I’ve pretty much lifted and shifted the code from our AKS Non Interactive Auth project in the previous series from here to here

  1. Clone down
  2. Create our python wheel
python bdist_wheel

3. Add our wheel distribution as an az extension

az extension add — source C:\Users\Adrian\aksauth\dist\aksauth-0.0.1-py2.py3-none-any.whl

4. Test it out against one of your AKS RBAC’s clusters

az aksauth connect --resource-group adrian-group --subscription xxxxxx–aaaa–bbbb-cccc–zzzzzzz --cluster-name adrian-cluster --tenant 00000000–2222–5555–9999-222222 --username --password “hard2Guess”

Appendix: Reference Material




Cloud Platform Architect. Opinions and articles on medium are my own.

Love podcasts or audiobooks? Learn on the go with our new app.


How to build a maintainable Selenium framework?

Schedulers in EMR

How integration patterns impact your microservices architecture

WebLogic Management WebLogic Performance Issues

The Funny Side of a Programmer’s Life

Deep Dive into OpenYurt: Edge Autonomy Design

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Adrian Hynes

Adrian Hynes

Cloud Platform Architect. Opinions and articles on medium are my own.

More from Medium

From SVN repository to Git repository

How to Copy a folder across multiple user accounts on a Linux Ubuntu 20.0 Virtual Machine on azure.

This is the structure of directories on the hard drive.

Git Undo Scenarios

Powershell — How to change the Picture for the Whole Organization in Office 365