AKS resource missing IdentityProfile property #1936
Comments
|
@JimPaine - you should be able to use resource roleDef 'Microsoft.Authorization/roleDefinitions@2015-07-01' existing = {
scope: subscription()
name: '7f951dda-4ed3-4680-a7ca-43fe172d538d'
}
resource acrrole 'Microsoft.Authorization/roleAssignments@2015-07-01' = {
name: guid(acr.id, 'AcrPull')
scope: acr
properties: {
roleDefinitionId: roleDef.id
principalId: aks.properties.identityProfile.kubeletidentity.objectId
principalType: 'ServicePrincipal'
}
} |
|
Thanks @anthony-c-martin I have now closed the issue #1935 around the scope item, though I would be interested to understand the overlap between 'scope' and the upcoming 'parent' property :D but that can wait. This was more around being able to discover the objectId that you have When I try and discover it through the property tree I can't see anything on identityprofile and if I ignore the warning it still highlights objectid as a problem.
|
|
Got you, sorry - I missed that! Something strange has happened during type generation for this property - I'll need to look into that in more detail: Microsoft.ContainerService/managedClusters@2021-02-01 -> properties -> identityProfile -> dictionary of this strangely-named type |
|
Awesome thanks and I will clean up the OP |
|
By the way, if you want to work around this and remove the warning until we have a proper fix out, you should be able to use the |
|
Fixed with Azure/bicep-types-az#245 |
ghost
locked as resolved and limited conversation to collaborators
Bicep version
Bicep CLI version 0.3.1 (d0f5c9b)
Describe the bug
** UPDATED **
On an AKS recourse the identityprofile object appears to be empty as I can not discover kubeletidentity and if I put it in anyway I get an error that object id doesn't exist.
Related to: #1935
To Reproduce
Add a role assignment and try and set the principalId from the kubeletidentity under identityprofile.
** UPDATED **
Additional context
** UPDATED **
The text was updated successfully, but these errors were encountered: