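# Provision a demo AKS cluster and an Azure Container Registry, let the
# cluster pull images from that registry, then deploy the Aqua manifests.
# Requires: az (logged in), kubectl, and aqua-sa.yaml / aqua-csp.yaml in the
# current directory.
# Every expansion is quoted, and each looked-up value is checked with
# ${var:?}: a non-interactive run stops at the first empty value, while an
# interactive shell only prints the message.

# Create cluster
location="westeurope"

# Get latest AKS version
# The JMESPath query depends on the output schema of the installed CLI; if it
# matches nothing, the guard below stops before a cluster is requested with an
# empty --kubernetes-version.
# NOTE(review): the last entry may be a preview version; confirm before
# reusing this outside a demo.
version=$(az aks get-versions -l "$location" --query 'orchestrators[-1].orchestratorVersion' -o tsv)
: "${version:?az aks get-versions returned no version}"
echo "$version"

# Prepare group
group=event-comp-aks
az group create --name "$group" --location "$location"
name=event-comp-01

# Create AKS Cluster
# The last option has no trailing backslash, so the command ends here instead
# of continuing into the following line.
# --generate-ssh-keys creates a key pair under ~/.ssh when none exists; treat
# the private key as a credential for the cluster nodes.
az aks create --resource-group "$group" \
  --name "$name" \
  --location "$location" \
  --kubernetes-version "$version" \
  --generate-ssh-keys \
  --load-balancer-sku basic

# Connect to AKS Cluster with kubectl
# Merges the cluster's credentials into the local kubeconfig.
az aks get-credentials --resource-group "$group" --name "$name"

# Create ACR
# Reuse ACR_NAME when it is already set (for example when resuming in a new
# shell with ACR_NAME=eventmatperdevsecops25746104 from an earlier run);
# otherwise generate a fresh name. The previous unconditional reassignment
# made the role assignment below target a different registry than the one
# just created.
export ACR_NAME="${ACR_NAME:-eventmatperdevsecops${RANDOM}$$}"; echo "$ACR_NAME"
az acr create --resource-group "$group" --name "$ACR_NAME" --sku Standard

#Grant AKS access to Azure Container Registry
CLIENT_ID=$(az aks show --resource-group "$group" --name "$name" --query "servicePrincipalProfile.clientId" --output tsv)
# Clusters that run with a managed identity report the literal "msi" instead
# of a service principal id; the identity that pulls images is then the
# kubelet identity.
if [ "$CLIENT_ID" = "msi" ]; then
  CLIENT_ID=$(az aks show --resource-group "$group" --name "$name" --query "identityProfile.kubeletidentity.clientId" --output tsv)
fi
: "${CLIENT_ID:?could not resolve the cluster identity}"
ACR_ID=$(az acr show --name "$ACR_NAME" --resource-group "$group" --query "id" --output tsv)
: "${ACR_ID:?could not resolve the registry resource id}"
# acrpull grants pull only, and the scope is this single registry rather than
# the resource group or subscription.
az role assignment create --assignee "$CLIENT_ID" --role acrpull --scope "$ACR_ID"

##################
kubectl create ns aqua-security
kubectl create -n aqua-security -f aqua-sa.yaml
kubectl create -n aqua-security -f aqua-csp.yaml
# -w keeps watching until interrupted (Ctrl+C); nothing after it runs in a
# non-interactive execution.
kubectl get svc -n aqua-security -w
# connect via browser :8080
# NOTE(review): port 8080 is presumably a plain-HTTP console listener on the
# service's external address; confirm, and limit who can reach it (for example
# loadBalancerSourceRanges on the Service, or kubectl port-forward) before
# entering credentials.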