[ACS] az acs create does not does not add authorization to an SP #1620
Labels
Comments
|
I have an suspicion that problem was because I had "Contribuer" role nad seems and I was not able to creat other "Contributers" |
|
I'll try to reproduce this. We should at the very least error out in the CLI in this case. |
|
@olostan I faced the same issue. I am also having "contributor" role. But why would it try to create other contributors ? |
|
Kubernetes needs contributor privileges in order to do things on your behalf like create load balancers and mount disks. |
|
I think this can now be closed. |
bsiegel
added
the
Service Attention
haroldrandom
added
ACS
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Just after running
az acs create --orchestrator-type=kubernetes --resource-group=<rgname> --dns-prefix=<appname> --name=<appname>Operation completed without error
waiting for AAD role to propogate...........done { "id": "/subscriptions//resourceGroups/edicircle/providers/Microsoft.Resources/deployments/azurecli1482863184.1523824", "name": "azurecli1482863184.1523824", "properties": { "correlationId": "ebfb44b5-5b17-4fe0-b642-22a07ad58e52", "debugSetting": null, "dependencies": [], "mode": "Incremental", "outputs": null, "parameters": { "clientSecret": { "type": "SecureString" } }, "parametersLink": null, "providers": [ { "id": null, "namespace": "Microsoft.ContainerService", "registrationState": null, "resourceTypes": [ { "aliases": null, "apiVersions": null, "locations": [ "westeurope" ], "properties": null, "resourceType": "containerServices" } ] } ], "provisioningState": "Succeeded", "template": null, "templateLink": null, "timestamp": "2016-12-27T18:34:13.440219+00:00" }, "resourceGroup": "" }But after startup I have such logs in docker container:
I would greatly appreciate any workaround!
az --version
The text was updated successfully, but these errors were encountered: