Azure DevOp Pipelines authentication to AKS with Azure AD RBAC configured?

You can use kubelogin for your pipeline from https://github.com/Azure/kubelogin

Here's the full example by starting at the login step, Until getting the namespace resource inside Kubernetes.

az login --service-principal -u $APP_ID -p $PASSWORD -t $TENANT

This statement more important, If you don't have existing cluster context in your ~/.kube/config file

az aks get-credentials --resource-group $RG_AKS --name $CLUSTER_NAME --overwrite-existing --file .kubeconfig-${CLUSTER_NAME}
Merged "my-aks-cluster-name" as current context in .kubeconfig-my-aks-cluster-name

Use kubelogin instead of az aks get-credential ....

export KUBECONFIG=$(pwd)/.kubeconfig-${CLUSTER_NAME}
kubelogin convert-kubeconfig -l spn
export AAD_SERVICE_PRINCIPAL_CLIENT_ID=$APP_ID
export AAD_SERVICE_PRINCIPAL_CLIENT_SECRET=$PASSWORD

Now you can run kubectl without device authentication

kubectl get pods -n $NAMESPACE
NAME                       READY   STATUS    RESTARTS   AGE
myapp-be-7c8cf7d8b9-gnj2t   1/1     Running   0          103m
myapp-cms-65fd6df9c-z7752   1/1     Running   0          14m
myapp-fe-5dbcdd8d9c-fzxgh   1/1     Running   0          52m

You can use the admin profile which doesn't require interactive login but unfortunately bypasses any RBAC controls you may have setup.

Vote here: https://feedback.azure.com/forums/914020-azure-kubernetes-service-aks/suggestions/35146387-support-non-interactive-login-for-aad-integrated-c