-
Notifications
You must be signed in to change notification settings - Fork 527
ACS-Engine CLI requires an admin to grant permission to access resources in your organization #143
Comments
@tariq1890 is this the same thing you encountered or is it a different issue? |
Yes. We need to overhaul our authentication method for deploy. No new users will be able to use |
@tariq1890 Is there a workaround for this issue? |
@Grisson You would to do an If you have questions about this flow of commands, please don't hesitate to reach out :). |
Got it. |
@Grisson can you try this ?
|
Is this a request for help?:
Yes
Is this an ISSUE or FEATURE REQUEST? (choose one):
ISSUE
What version of aks-engine?:
Self build from code
Kubernetes version:
1.12
What happened:
I try to run /aks-engine deploy. It asks me to login in browser. I login with my microsoft.com account.
ACS-Engine CLI needs permission to access resources in your organization that only an admin can grant. Please ask an admin to grant permission to this app before you can use it.
Following is the detail error message.
Request Id: 87ffe193-e50b-46c8-a868-456de5590100
Correlation Id: 4e24354e-cdb3-4c40-9808-c58793c84102
Timestamp: 2018-12-14T00:02:17Z
Message: AADSTS90094: An administrator of Microsoft has set a policy that prevents you from granting ACS-Engine CLI the permissions it is requesting. Contact an administrator of Microsoft who can grant permissions to this application on your behalf.
What you expected to happen:
Let me login and create cluster based on me definition file.
How to reproduce it (as minimally and precisely as possible):
Deploy a cluster with microsoft.com account. Create service principal under microsoft.com tenant.
Anything else we need to know:
It happens on microsoft.com tenant.
The text was updated successfully, but these errors were encountered: