K
Q

Azure AKS-API (Preview Authorization Failure

2/9/2018

In attempting to create an Azure Container Service (AKS) cluster using the same account information for which I can create a cluster via the portal, I am getting the following error:

ERROR in generic_views: 500 Internal Server Error: Creating cluster 7f3b1ed3-1996-4558-97d1-1672d87d56e1 failed with following reason:

CloudError(\"The client '09ad439c-5569-4e9b-8b23-3311d6837a21' with object id '09ad439c-5569-4e9b-8b23-3311d6837a21' does not have authorization to perform action 'Microsoft.ContainerService/managedClusters/write' over scope '/subscriptions/21a6a032-5d60-45a6-ae51-c5f0c4007995/resourceGroups/MC_BruceContainerGroup_BruceCluster1_eastus/providers/Microsoft.ContainerService/managedClusters/7f3b1ed3-1996-4558-97d1-1672d87d56e1'.\",)

I tried adding (IAM) permissions for Azure Container Services to the RG used, and to the APP, but it didn't work. What do you think could be causing this error?

-- Bruce Mathews
api
azure
azure-kubernetes
kubernetes

Similar Questions

Exposing Cluster ips and how services work in kubernetes services?
gitlab-ci cache on kubernetes with minio-service not working anymore
Has anyone tried setting up Kubernetes service endpoint on TFS 2015?
Minikube networking

1 Answer

2/11/2018

I actually resolved this issue by adding Access Control (IAM) permissions for ALL Azure Applications to the subscription... I am not sure adding which one resolved the issue, but I suspect it was the Azure Container Service.

-- Bruce Mathews
Source: StackOverflow