Azure Kubernetes Service (AKS) now allows for Azure Active Directory (AAD) integrated clusters to be created without any local admin user account.
By default, when you create a Kubernetes cluster, access to the cluster is through a local admin account. This is not desirable for security reasons as anyone can use a local account. It is also harder to manage such local accounts.
With AAD integration, there is no need for local accounts. This feature, now in public preview, allows you to disable local accounts when you setup AAD with your AKS cluster.