Give the cluster perms to create load balancers.

In order for the cluster app registration to create new load balancers, it needs to have the Network Contributor role for the virtual network. In the future, we should create a custom policy scoped to exactly the permissions the cluster needs, per: https://docs.microsoft.com/en-us/azure/aks/configure-azure-cni#prerequisites
2020-01-30 16:28:02 -05:00
parent b444378b0f
commit ca1d26cc67
4 changed files with 18 additions and 2 deletions
--- a/terraform/providers/dev/k8s.tf
+++ b/terraform/providers/dev/k8s.tf
@@ -23,6 +23,7 @@ module "k8s" {
  client_id           = data.azurerm_key_vault_secret.k8s_client_id.value
  client_secret       = data.azurerm_key_vault_secret.k8s_client_secret.value
  workspace_id        = module.logs.workspace_id
+  vnet_id             = module.vpc.id
 }

 #module "main_lb" {