-
Notifications
You must be signed in to change notification settings - Fork 728
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AKS resource missing IdentityProfile property #1936
Comments
@JimPaine - you should be able to use resource roleDef 'Microsoft.Authorization/roleDefinitions@2015-07-01' existing = {
scope: subscription()
name: '7f951dda-4ed3-4680-a7ca-43fe172d538d'
}
resource acrrole 'Microsoft.Authorization/roleAssignments@2015-07-01' = {
name: guid(acr.id, 'AcrPull')
scope: acr
properties: {
roleDefinitionId: roleDef.id
principalId: aks.properties.identityProfile.kubeletidentity.objectId
principalType: 'ServicePrincipal'
}
} |
Thanks @anthony-c-martin I have now closed the issue #1935 around the scope item, though I would be interested to understand the overlap between 'scope' and the upcoming 'parent' property :D but that can wait. This was more around being able to discover the objectId that you have
When I try and discover it through the property tree I can't see anything on identityprofile and if I ignore the warning it still highlights objectid as a problem. |
Got you, sorry - I missed that! Something strange has happened during type generation for this property - I'll need to look into that in more detail: Microsoft.ContainerService/managedClusters@2021-02-01 -> properties -> identityProfile -> dictionary of this strangely-named type |
Awesome thanks and I will clean up the OP |
By the way, if you want to work around this and remove the warning until we have a proper fix out, you should be able to use the
|
Fixed with Azure/bicep-types-az#245 |
Bicep version
Bicep CLI version 0.3.1 (d0f5c9b)
Describe the bug
** UPDATED **
On an AKS recourse the identityprofile object appears to be empty as I can not discover kubeletidentity and if I put it in anyway I get an error that object id doesn't exist.
Related to: #1935
To Reproduce
Add a role assignment and try and set the principalId from the kubeletidentity under identityprofile.
** UPDATED **
Additional context
** UPDATED **
The text was updated successfully, but these errors were encountered: