Azure- Getting (AuthorizationFailed) even with owner role assigned to my account

unixcorn
December 8, 2023
151 views
1 vote
2 Answers

When I run az aks get-credentials --name project --resource-group project-rg, I get the following error:

but I have owner access level in the resource group:

I’ve tried 1. logging out and logging in. 2. az account set --subscription guid2. 3. checked if I have the right permissions (checked Microsoft.ContainerService/managedClusters/listClusterAdminCredential/action
Neither has worked. Any suggestions?

Solution- turns out I didn’t run the az account set --subscription <guid>

Tags: azure azure-resource-group

Answers

Chosen as BEST ANSWER
- unixcorn
- December 8, 2023 at 1:59 am
- 0 votes
0
...Turns out I needed to set the cluster subscription using az account set --subscription <guid>

(Edit)

- Alex
- December 5, 2023 at 12:03 am
- 0 votes
0
You would need the specific permission at the cluster level to be able to run the get-credentials command.
The permission is:
Microsoft.ContainerService/managedCluster/listClusterUserCredential/action

This permission is usually included in the following default roles:
- Azure Kubernetes Service Cluster User Role
- Azure Kubernetes Service Cluster Admin Role
If you give yourself one of these permissions, you should be authorised to run the get-credentials command.
Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.