https://pulumi.com logo
Title
w

wooden-receptionist-75654

09/14/2021, 8:16 AM
Hi Guys, I’ve provisioned AKS cluster with
containerservice.ManagedCluster
with SystemAssigned MI. Something like:
const cluster = new containerservice.ManagedCluster(managedClusterName, {
  ...
  identity: {
    type: "SystemAssigned",
  }
  ...
});
How can I get it
principalId
for creating
authorization.RoleAssignment
?
g

gentle-restaurant-16139

09/14/2021, 8:20 AM
Hi, you can create or get one from with
azuread.ServicePrincipal
I think it also anwser the previous question from @wet-noon-14291 once you have your service principal you can assign the role ACRpull or the contributor role to the acr resource
👍 1
It work for me. But it is the bit weird when you create an aks from the portal it assign the contributor role and not the acrpull as it is written in the doc (🤷‍♂️ Microsoft mystery... )
t

tall-librarian-49374

09/14/2021, 8:33 AM
w

wooden-receptionist-75654

09/14/2021, 5:51 PM
Thank guys, will try