I am using Azure AD as an authentication provider. I’d like to limit the kubeconfig token lifetime to ~24hrs to limit potential misuse of a leaked token.
I’ve performed the changes described here: Rancher Docs: API Tokens
With the generated kubeconfig kubectl invokes the rancher CLI (rancher token) using the local authentication provider. I tried modifying the rancher token command to use the Azure AD authentication provider using rancher token --auth-provider=azuread instead, but I keep getting the following error message:
FATA[0009] error logging in: code: [NotFound] message:[failed to find schema azureads]
Is it possible to use rancher token when authenticating against Azure AD?
Or is there another way to achieve a limited kubectl token lifetime when using Azure AD?