Great read! You may want to take note of the fact that the spec for AzureIdentity and AzureIdentityBinding have changed slightly for v1.7, as Seyed commented above. The case for the ResourceID and ClientID fields (now resourceID and clientID, respectively) in AzureIdentity has changed, as has the case for the AzureIdentity and Selector fields (now azureIdentity and selector, respectively) in AzureIdentityBinding.

See latest example code from GitHub: https://github.com/Azure/aad-pod-identity/tree/master/deploy/demo

Hope this helps! :)