Troubleshooting
This section explains the frequently occurred errors during cluster provision
Scenario 1: Valid Cloud Credential¶
The below error is an example that might occur when an invalid cloud credential is selected during the cluster provisioning
Validation¶
Ensure to provide valid tenant ID, Client ID, subscription ID and secret while creating the cloud credential
Scenario 2: Resource Group existence¶
The below error is an example that might occur when an resource group does not exist in azure cloud
Validation¶
To overcome this issue, create one resource group in the Azure Cloud console or through CLI
Scenario 3: Role Permission¶
The below error is an example that might occur when the user does not have permission to perform the action ’Microsoft.Authorization/roleAssignments/write
error while getting guture deployment, Code="DeploymentFailed" Message="At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details." Details=[{"code":"BadRequest","message":"{\r\n \"error\": {\r\n \"code\": \"InvalidTemplateDeployment\",\r\n \"message\": \"The template deployment failed with error: 'Authorization failed for template resource 'shobhit-azure-1/Microsoft.Authorization/0be8b9b7-15ce-5aa4-98af-4fdb8424f279' of type 'Microsoft.ContainerService/managedClusters/providers/roleAssignments'. The client 'de893500-3bd0-40a1-9773-8cb226b084de' with object id 'de893500-3bd0-40a1-9773-8cb226b084de' does not have permission to perform action 'Microsoft.Authorization/roleAssignments/write' at scope '/subscriptions/a2252eb2-7a25-432b-a5ec-e18eba6f26b1/resourceGroups/shobhit-central-playground/providers/Microsoft.ContainerService/managedClusters/shobhit-azure-1/providers/Microsoft.Authorization/roleAssignments/0be8b9b7-15ce-5aa4-98af-4fdb8424f279'.'.\"\r\n }\r\n}"}]
Validation¶
The Service Principal must have the basic contributor role permission across the subscription