There is no azure AAD V2 Documentation available,

[nitinkhandelwal26]

Please provide an alternative document for AAD integration because when I click to https://docs.microsoft.com/en-in/azure/aks/managed-aad#before-you-begin and also this is a preview feature and we don't know when GA of this V2 version will be available. Request you to provide one sample implementation or documentation till the time AAD V2 is not available.

[nitinkhandelwal26]

@ferantivero Reference implementation follows AAD V2 for AKS integration, but there is no V2 available in Microsoft docs. Request you to please also provide reference implementation which is not using V2 policies, as its giving error while deploying with your documentation steps https://docs.microsoft.com/en-in/azure/aks/managed-aad#before-you-begin : The policy is not available in AAD.

[ferantivero]

thanks for your inquiries @nitinkhandelwal26, as per the docs AKS-managed AAD does not seem to be Preview as the time of writing this (cc/ @ckittel).

That said, please let's try to proceed without registering AAD-V2 feature (skip the step 01-prerequisites.md -> Register the AAD-V2 feature for AKS-managed Azure AD.) ensuring you have the following pre-requisites in place:

1. az version --query '"azure-cli"' please ensure it is version 2.9.0 or later
2. kubectl version --client please ensure it 1.18 or later

Please don't hesitate in ask us for more support on this.

[nitinkhandelwal26]

Thanks @ferantivero for your response. We have tried without registering to AAD V2 but it was giving this error that aad v2 ( Microsoft.containerservies/AADv2) must be enabled before cluster deployment. Request you to please check from your end.if this is the case then it could be bug 🙂

[ferantivero]

thanks for confirming this @nitinkhandelwal26, yes, we're definitely checking it with our team. We will provide more details soon.

[ckittel]

AAD-V2 is currently in transtition from preview to GA (rolling out across Azure), for you can try just following the standard flow for this as a preview:

1. az feature register --namespace "Microsoft.ContainerService" --name "AAD-V2" in your subscription
2. check az feature list -o table --query "[?contains(name, 'AAD-V2')].{Name:name,State:properties.state}" and wait for it to report that it's registered in your subscription (state will be Registered when complete -- I've seen this take about 30 minutes)
3. you can then invoke az provider register -n Microsoft.ContainerService to refresh the resource provider with that feature.

You are catching this feature in transition between preview and GA. This should be very short term situation.

[ckittel]

We're going to close this issue as you are now past it, and this feature is rolling out of preview. Once we have confirmation it's out, we'll clean up the document as such. I'll open a new issue to track that.