Hey team. I am trying to create a ManagedCluster in Azure using Pulumi Azure native library and atta...

creamy-fall-88031

03/20/2022, 11:10 PM

Hey team. I am trying to create a ManagedCluster in Azure using Pulumi Azure native library and attach it to a pre-existing VNET subnet This is how I get the subscriptionId:

Copy code

const subscriptionId = azure.core.getSubscription({});

This is the code snippet where I create my VNET:

Copy code

const virtualNetwork = new azure_native.network.VirtualNetwork(`vnet-${pulumi.getStack()}-${randomNo}`, {
    addressSpace: {
        addressPrefixes: ["10.0.0.0/8"],
    },
    resourceGroupName: resourceGroup.name,
    subnets: [{
        addressPrefix: "10.0.2.0/24",
        name: `snet-postgres-${pulumi.getStack()}-${randomNo}`,
        serviceEndpoints: [{
            service: "Microsoft.Sql",
        }],
    },{
        addressPrefix: "10.0.1.0/24",
        name: `snet-aks-${pulumi.getStack()}-${randomNo}`,
    }],
    virtualNetworkName: `vnet-${pulumi.getStack()}-${randomNo}`,
});

This is the code I used for the cluster:

Copy code

const managedClusterName = config.get("managedClusterName") || `aks-${randomNo}`;
const cluster = new containerservice.ManagedCluster(managedClusterName, {
    resourceGroupName: resourceGroup.name,
    resourceName: `aks-${randomNo}`,
    agentPoolProfiles: [{
        count: 2,
        maxPods: 110,
        mode: "System",
        name: "agentpool",
        nodeLabels: {},
        osDiskSizeGB: 30,
        osType: "Linux",
        type: "VirtualMachineScaleSets",
        vmSize: "Standard_B2s",
        vnetSubnetID: `/subscriptions/${subscriptionId}/resourceGroups/rsg-${pulumi.getStack()}-${randomNo}/providers/Microsoft.Network/virtualNetworks/vnet-${pulumi.getStack()}-${randomNo}/subnets/snet-aks-${pulumi.getStack()}-${randomNo}`
    }],
    dnsPrefix: resourceGroup.name,
    enableRBAC: true,
    kubernetesVersion: "1.23.3",
    linuxProfile: {
        adminUsername: "testuser",
        ssh: {
            publicKeys: [{
                keyData: sshKey.publicKeyOpenssh,
            }],
        },
    },
    nodeResourceGroup: `MC_azure-go_${managedClusterName}`,
    servicePrincipalProfile: {
        clientId: adApp.applicationId,
        secret: adSpPassword.value,
    },
},
{
    dependsOn: [virtualNetwork]
});

but I keep getting the following error:

Copy code

azure-native:containerservice:ManagedCluster (aks-547):
    error: Code="LinkedAuthorizationFailed" Message="The client has permission to perform action 'Microsoft.Network/virtualNetworks/subnets/join/action' on scope '/subscriptions/70340165-1840-xxxx-xxxx-xxxxxxxxxxx/resourceGroups/rsg-dev-547/providers/Microsoft.ContainerService/managedClusters/aks-547', however the linked subscription '[object Promise]' was not found."

Quite frankly I am baffled with what I'm doing wrong here. If I try to create the cluster without

dependsOn: [virtualNetwork]

, the deployment fails. If I try to create the cluster after the VNET is created, then I get the above message complaining that the linked subscription cannot be found (???) BTW, the qualified name (resource path) of the cluster is correct, including the subscriptionId.

2 Views

Open in Slack

Previous Next

Pulumi Community

No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.