Skip to main content
Back to the Azure Footguns Database
SecurityMediumCommonAZF-0074

AKS local accounts hand out a cluster-admin kubeconfig that bypasses Entra ID

Local accounts are enabled on AKS by default. Anyone with the right Azure role can pull an admin kubeconfig that works with no identity attached, ignores conditional access, and keeps working after they leave.

Footgun ID
AZF-0074 (Azure Footgun No. 74)
Azure service
Azure Kubernetes Service
Resource type
Microsoft.ContainerService/managedClusters
Updated
July 9, 2026

What it is

An AKS cluster where disableLocalAccounts is not set to true, which is the Azure default. Local accounts mean the cluster will issue certificate-based credentials, most famously the static cluster-admin kubeconfig behind az aks get-credentials --admin, that authenticate directly to the API server with no Entra ID involved. Whoever holds the file is cluster-admin, indefinitely, with no identity attached.

Impact (security)
A static cluster-admin credential outside Entra ID, conditional access, and central revocation
Basis: Azure behavior (authored assessment). Figures are estimates, not measurements.

Why it happens

Local accounts are enabled unless you explicitly disable them, and disabling them requires the cluster to have Entra ID integration configured first, so the default survives on clusters created before that integration was wired up, and on plenty created after. The --admin flag is also genuinely useful: it is the standard break-glass move when Entra sign-in misbehaves or someone locks themselves out of RBAC, so teams keep it "just in case."

The trap is what that convenience costs. The admin kubeconfig is a bearer credential: it bypasses Entra authentication, conditional access, MFA, and Kubernetes RBAC bindings tied to identities. It gets copied into CI variables, laptops, and wikis, and none of your identity tooling knows it exists. Offboarding an engineer or rotating an Entra credential does nothing to it.

What it costs / blast radius

The blast radius is full, anonymous control of the cluster. Every copy of the admin kubeconfig is cluster-admin: read every Secret, exec into every pod, deploy anything, and the audit log attributes it to the shared local identity rather than a person. There is no per-user revocation, taking one holder's access away means rotating the cluster's certificates and re-issuing for everyone. Combined with a public API server (AZF-0073), a kubeconfig that leaked from a laptop backup or CI log is usable from anywhere on the internet. (Blast-radius assessment of Azure's default behavior, not a measured incident statistic.)

See it

Footgun: the default — local accounts on, admin kubeconfig available to anyone with the Azure role
resource aks 'Microsoft.ContainerService/managedClusters@2024-05-01' = {
  name: 'prod-aks'
  location: location
  // ...identity and agentPoolProfiles omitted for brevity
  properties: {
    dnsPrefix: 'prod-aks'
    // disableLocalAccounts not set — defaults to false.
    // 'az aks get-credentials --admin' hands out a static
    // cluster-admin kubeconfig with no identity behind it.
  }
}
Fix: integrate Entra ID and disable local accounts so all access carries an identity
resource aks 'Microsoft.ContainerService/managedClusters@2024-05-01' = {
  name: 'prod-aks'
  location: location
  // ...identity and agentPoolProfiles omitted for brevity
  properties: {
    dnsPrefix: 'prod-aks'
    aadProfile: {
      managed: true            // Entra ID integration (required first)
      enableAzureRBAC: true    // authorize with Azure RBAC role assignments
    }
    disableLocalAccounts: true // no more identity-less admin kubeconfigs
  }
}

How StratoLens helps

StratoLens flags every AKS cluster that still allows local accounts, automatically and continuously, across all your subscriptions. Instead of wondering which clusters have an untraceable admin kubeconfig floating around, you get the list, and you see when the setting changes.

Start Your 28-Day Free Trial

Every feature unlocked. Deploys to your Azure tenant. No data leaves your tenant.

Available now on the Azure Marketplace.

Not ready to install anything? Browse the Azure Footguns Database: 55+ documented ways Azure quietly costs money or creates risk.

Request a demo

StratoLens catches the cost waste, access risk, and config drift across your whole Azure estate, from inside your own tenant, so your data never leaves it.