kubectl create -f https://raw.githubusercontent.com/Azure/aad-pod-identity/master/deploy/infra/deployment-rbac.yaml
az identity create
-g demo-resource-group
-n demo_pod_identity
-o json
az role assignment create
--role Reader
--assignee <your_principal_id_goes_here>
--scope /subscriptions/<subscriptionid>/resourcegroups/demo-resource-group
az role assignment create
--role "Managed Identity Operator"
--assignee <aks_service_principal_id_here>
--scope <azure_identitys_id>