We are also trying to explore the options for AKS discovery.

Reading the documentation whilst we didn't expect to actually trigger a Kubernetes discovery out of the box, we did expect to find a cloud resource record for each AKS service in the cmdb_ci_cmp_resource table.

Because the resource type 'Microsoft.ContainerService' is included in the default Cloud Inventory Resource Inclusion List ('sa_cloud_inventory_resource_whitelist') table.

Our Azure product team assure us that our security principle is able to see the full list of resources, so we're going to probably put this on the back-burner for a few months as we have other priorities, but our hope was that if we could see it in the cloud resources list, writing a custom pattern to trigger a Kubernetes discovery wouldn't be too complex.

If you have any progress I'd love to hear, and likewise will update if we do.

Minor update - it is possible to discover the AKS cloud resource if you add a new item to the Cloud Inventory Resource List:

In addition to the existing OTB item add an item to the inclusion list with a Resource Type of 'Microsoft.ContainerService/managedClusters'.

Note that for some reason the discovery_admin role cannot write to that list so you may need to do it as admin.

Once you've done that you will get a record in the cmdb_ci_cmp_resource table for each AKS service.

It's not a fully functional Kubernetes discovery but it does at least give you inventory and the ability to use the Azure tags for reporting/service mapping, whilst you figure out how to write your custom patterns.