This message was deleted.
# general
s
This message was deleted.
c
@icy-dress-83371 I believe this is a race in Azure. Let me dig up the bug.
You can work around by running
pulumi up
a second time though.
cc @narrow-area-11460 this is the bug I mentioned earlier
n
@icy-dress-83371 @creamy-potato-29402 I have been hitting this issue myself -- the error shows up differently for me
"Error: Code="ServicePrincipalNotFound" Message="Service principal clientID: 7cab766e-e8f7-481c-a2a2-f8ec4f642656 not found in Active Directory tenant 706143bc-e1d4-4593-aee2-c9dc60ab9be7"
basically it is a race condition where the Service Principal required by the AKS cluster is not being created on time by the AD and hence AKS cluster creation fails.
someone in TF issued a workaround (this is specific to role assignment but the underlying issue is the same): https://github.com/terraform-providers/terraform-provider-azurerm/pull/2204 however it does not work -- will reopen the issue and the issue on our side that was previously closed to track this https://github.com/pulumi/pulumi-azure/issues/103
i
This seems to be a different issue, my issue was that the service principal I created does not seem to have the permissions to create another service principal. @creamy-potato-29402 @narrow-area-11460
n
should be tied to the same race condition - mind sharing your
index.ts
file
will look into it and revert back
i
w
I do not believe the issue @icy-dress-83371 is hitting is the same issue that @narrow-area-11460 and @creamy-potato-29402 are referring to.
Insufficient privileges to complete the operation.
This suggest that the service principal does not have some permission needed for AKS. I suspect it's related to https://github.com/Azure/AKS/issues/149#issuecomment-361445681?