You are deploying an Azure Kubernetes Service (AKS) cluster. You need to ensure that pods can access Azure resources (e.g., Azure Storage) using a managed identity without storing credentials. What should you configure?
This allows pods to authenticate to Azure services without secrets.
Why this answer
Option C is correct because AKS can use pod-managed identities (via aad-pod-identity or Workload Identity) to assign managed identities to pods. Option A is wrong because AKS does not have a built-in managed identity for pods; it's for the cluster. Option B is wrong because service principals require secret management.
Option D is wrong because Azure AD integration is for user authentication, not pod identity.