Skip to content

Commit 620e24b

Browse files
committed
Add back service principal
1 parent d054fa6 commit 620e24b

1 file changed

Lines changed: 9 additions & 0 deletions

File tree

scenarios/AksKaito/README.md

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -55,6 +55,7 @@ export RANDOM_ID="$(openssl rand -hex 3)"
5555
export AZURE_RESOURCE_GROUP="myKaitoResourceGroup$RANDOM_ID"
5656
export REGION="centralus"
5757
export CLUSTER_NAME="myClusterName$RANDOM_ID"
58+
export SUBSCRIPTION_ID="0c8875c7-e423-4caa-827a-1f0350bd8dd3"
5859

5960
az group create \
6061
--name $AZURE_RESOURCE_GROUP \
@@ -118,6 +119,14 @@ Configure `kubectl` to connect to your cluster using the [az aks get-credentials
118119
az aks get-credentials --resource-group ${AZURE_RESOURCE_GROUP} --name ${CLUSTER_NAME}
119120
```
120121

122+
## Create role assignment for the service principal
123+
124+
```bash
125+
az role assignment create --role "Contributor" \
126+
--assignee "${PRINCIPAL_ID}" \
127+
--scope "/subscriptions/${SUBSCRIPTION_ID}/resourcegroups/${AZURE_RESOURCE_GROUP}"
128+
```
129+
121130
## Establish a federated identity credential
122131

123132
Create the federated identity credential between the managed identity, AKS OIDC issuer, and subject using the [az identity federated-credential create](https://learn.microsoft.com/en-us/cli/azure/identity/federated-credential?view=azure-cli-latest) command.

0 commit comments

Comments
 (0)