How can I find the service principal secret of my AKS cluster?

In the end the solution was quite simple.

  • In the Azure portal, navigate to the resource group named MC_<resourcegroup>_<aksName>_<region>.
  • Click one of the resources of the type "Virtual machine".
  • Scroll down to "Run command"

  • Choose "RunShellScript"
  • Enter cat /etc/kubernetes/azure.json and click "Run"

The command will return the contents of the JSON file. The property you need is aadClientSecret.


For whoever comes across this issue, there's an updated solution from Microsoft:

https://docs.microsoft.com/en-us/azure/aks/update-credentials#update-aks-cluster-with-new-credentials

They also mention (something that's not obvious) that: By default, AKS clusters are created with a service principal that has a one-year expiration time.

Also: "As of Azure CLI 2.0.68, the --password parameter to create a service principal with a user-defined password is no longer supported to prevent the accidental use of weak passwords." So the initial solution to change the service principal password doesn't work anymore.
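An added example, not part of either answer or of Microsoft's documentation: Python that inspects the azure.json text returned by Run command without echoing the secret, and checks credential end dates against the one-year expiry mentioned above. The sample inputs are constructed; the `endDate` / `endDateTime` field names for `az ad sp credential list` output and the managed-identity markers are assumptions.

```python
import json
from datetime import datetime, timezone

# Constructed sample of /etc/kubernetes/azure.json (trimmed, placeholder values).
SAMPLE_AZURE_JSON = '''{
  "tenantId": "00000000-0000-0000-0000-000000000000",
  "aadClientId": "11111111-1111-1111-1111-111111111111",
  "aadClientSecret": "constructed-placeholder-secret",
  "useManagedIdentityExtension": false
}'''

# Constructed sample shaped like `az ad sp credential list --id <appId>` output.
# Assumption: older CLI versions name the field "endDate", newer "endDateTime".
SAMPLE_CREDENTIALS = '''[
  {"keyId": "aaaa", "endDateTime": "2024-03-01T10:00:00Z"},
  {"keyId": "bbbb", "endDate": "2025-01-15T10:00:00+00:00"}
]'''


def describe_identity(azure_json_text):
    """Report which identity the node uses; never return the secret itself."""
    cfg = json.loads(azure_json_text)
    secret = cfg.get("aadClientSecret", "")
    # Assumption: managed-identity clusters set the flag and use "msi" placeholders.
    managed = bool(cfg.get("useManagedIdentityExtension")) or cfg.get("aadClientId") == "msi"
    return {
        "identity": "managed-identity" if managed else "service-principal",
        "client_id": cfg.get("aadClientId"),
        "secret_present": bool(secret) and not managed,
    }


def days_until_expiry(credentials_text, now):
    """Map each credential keyId to whole days left (negative means expired)."""
    result = {}
    for cred in json.loads(credentials_text):
        end = cred.get("endDateTime") or cred.get("endDate")
        end_dt = datetime.fromisoformat(end.replace("Z", "+00:00"))
        result[cred["keyId"]] = (end_dt - now).days
    return result


if __name__ == "__main__":
    now = datetime(2024, 2, 1, 10, 0, tzinfo=timezone.utc)  # fixed for the sample
    print(describe_identity(SAMPLE_AZURE_JSON))
    for key_id, days in days_until_expiry(SAMPLE_CREDENTIALS, now).items():
        print(key_id, days, "ROTATE SOON" if days < 30 else "ok")
```
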