403 when trying to get resource group when provisioning new AKS cluster

thomas.cherryhomes · November 6, 2019, 6:32pm

It’s all in the subject.

Brand new installation of Rancher 2.x

Authentication to AKS works correctly, and I have pre-created a resource group for the target cluster.

When I attempt to complete the provisioning, I get the following:

-Thom

thomas.cherryhomes · November 12, 2019, 7:23pm

The service principal currently has the following permissions:

Directory.Read.All
Group.Read.All
User.Read
User.Read.All
User.ReadBasic.All

Which permissions need to be added in order for Rancher to be able to provision clusters? Why is this not in the documentation?

-Thom

Topic		Replies	Views
Group permissions on cluster level with active directory Rancher 2.x	3	2211	July 3, 2018
Error 403 when posting cluster	1	711	June 15, 2018
AKS Cluster provision with Rancher status showing waiting for API to be available Rancher 2.x	1	396	March 19, 2023
Create AKS cluster from Rancher Rancher 2.x	1	743	November 6, 2022
Authorisation on namespaced resource Rancher 2.x	7	679	April 7, 2022