Azure Pod Identity is an implementation of Azure AD Pod Identity which lets you bind an Azure Managed Identity to a Pod in a Kubernetes cluster as delegated access - Don’t manage secrets, let Azure AD do the hard work.
You can tell KEDA to use Azure AD Pod Identity via
provider: azure # Optional. Default: none
identityId: <identity-id> # Optional. Default: Identity linked with the label set when installing KEDA.
Azure AD Pod Identity will give access to containers with a defined label for
aadpodidbinding. You can set this label on the KEDA operator deployment. This can be done for you during deployment with Helm with
You can override the identity that was assigned to KEDA during installation, by specifying an
identityId parameter under the
podIdentity field. This allows end-users to use different identities to access various resources which is more secure than using a single identity that has access to multiple resources.