Skip to content

Commit

Permalink
AKS creation timing issue with KV rolebinding
Browse files Browse the repository at this point in the history 
sometimes the AKS cluster creation fails because the AKS MI does not have permissions on the etcd KV yet. this PR introduces an explicit dependency from the AKS resource to the KV roleassignment (and the VNET role assignment as well).

Signed-off-by: Gerd Oberlechner <[email protected]>
  • Loading branch information
@geoberle
geoberle committed Nov 12, 2024
1 parent 07deb79 commit 69da402
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions dev-infrastructure/modules/aks-cluster-base.bicep
View file
Original file line number Diff line number Diff line change
Expand Up @@ -361,6 +361,10 @@ resource aksCluster 'Microsoft.ContainerService/managedClusters@2024-04-02-previ
}
supportPlan: 'KubernetesOfficial'
}
dependsOn: [
aksNetworkContributorRoleAssignment
aks_keyvault_crypto_user
]
}

resource userAgentPools 'Microsoft.ContainerService/managedClusters/agentPools@2024-04-02-preview' = [
Expand Down

0 comments on commit 69da402

Please sign in to comment.