You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
✗ asoctl version
asoctl v2.2.0 darwin
✗ asoctl import azure-resource "/subscriptions/<subid>/resourceGroups/<rg-name>/providers/Microsoft.ContainerService/managedClusters/<cluster-name>" -o cluster.yaml
08:51:25 ERR Failed error="importing containerservice.azure.com/TrustedAccessRoleBinding for resource /subscriptions/<subid>/resourceGroups/<rg-name>/providers/Microsoft.ContainerService/managedClusters/<cluster-name>: unable to list resources of type Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings: GET https://management.azure.com/subscriptions/<subid>/resourceGroups/<rg-name>/providers/Microsoft.ContainerService/managedClusters/<cluster-name>/trustedAccessRoleBindings\n--------------------------------------------------------------------------------\nRESPONSE 400: 400 Bad Request\nERROR CODE: BadRequest\n--------------------------------------------------------------------------------\n{\n \"code\": \"BadRequest\",\n \"details\": null,\n \"message\": \"Preview feature Microsoft.ContainerService/TrustedAccessPreview not registered.\",\n \"subcode\": \"\"\n}\n--------------------------------------------------------------------------------\n" kind=ManagedCluster.containerservice.azure.com name=<cluster-name>
08:51:25 ERR Failed imports error="importing containerservice.azure.com/TrustedAccessRoleBinding for resource /subscriptions/<subid>/resourceGroups/<rg-name>/providers/Microsoft.ContainerService/managedClusters/<cluster-name>: unable to list resources of type Microsoft.ContainerService/managedClusters/trustedAccessRoleBindings: GET https://management.azure.com/subscriptions/<subid>/resourceGroups/<rg-name>/providers/Microsoft.ContainerService/managedClusters/<cluster-name>/trustedAccessRoleBindings\n--------------------------------------------------------------------------------\nRESPONSE 400: 400 Bad Request\nERROR CODE: BadRequest\n--------------------------------------------------------------------------------\n{\n \"code\": \"BadRequest\",\n \"details\": null,\n \"message\": \"Preview feature Microsoft.ContainerService/TrustedAccessPreview not registered.\",\n \"subcode\": \"\"\n}\n--------------------------------------------------------------------------------\n" Count=1 Group=containerservice.azure.com Kind=ManagedCluster
Import Azure Resources [=============================================================================================================================================================] 100 %
08:51:25 ERR failed to execute command error="failed to import any resources: failed during import of <cluster-name>"
When asoctl v2.2.0 runs, it queries for any TrustedAccessRoleBinding resources associated with your cluster, but the request is rejected by ARM because your subscription hasn't been onboarded.
When asoctl v2.1.0 runs, it never tries to query for TrustedAccessRoleBinding resources, and thus never encounters the error.
The error returned by ARM is correct, but shouldn't be resulting in asoctl aborting the import run. The import process should continue, with the user informed of the partial error.
Not every Azure Feature is enabled for every subscription.
For example, the Azure Kubernetes Service Trusted Access feature is currently in preview. Anyone who wants to use it can do so (it's a public preview), but the feature is only turned on when someone explicitly uses Trusted Access.
You can see a list of all features, including whether they are enabled for you or not, by running az feature list.
Version of Azure Service Operator
Describe the bug
In
asoctl
v2.1.0 I am able to importManagedCluster
resources but after upgrading to v2.2.0 I am not.To Reproduce
asoctl import azure-resource "/subscriptions/<subid>/resourceGroups/<rg-name>/providers/Microsoft.ContainerService/managedClusters/<cluster-name>" -o cluster.yaml
Expected behavior
Behavior should be the same between version
Screenshots
Attempt using v2.2.0
Attempt using v2.1.0
Additional context
Permissions, account, etc. are not modified between attempts and changing of asoctl versions.
The text was updated successfully, but these errors were encountered: