For provisioning Kubernetes clusters with the Azure cloud provider Kubermatic needs a service account with (at least) the the Azure role Contributor
. Please follow the following steps to create an matching service account:
Login to Azure with Azure CLI az
.
This command will open in your default browser a window where you can authenticate. After you succefull logged in get your subscription ID.
az account show --query id -o json
********-****-****-****-************
Get your Tenant ID
az account show --query tenantId -o json
********-****-****-****-************
create a new app with
az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/********-****-****-****-************"
Retrying role assignment creation: 1/36
Retrying role assignment creation: 2/36
Retrying role assignment creation: 3/36
{
"appId": "********-****-****-****-************",
"displayName": "azure-cli-2018-11-25-08-01-39",
"name": "http://azure-cli-2018-11-25-08-01-39",
"password": "********-****-****-****-************",
"tenant": "********-****-****-****-************"
}
Enter provider credentials using the values from step “Prepare Azure Environment” into Kubermatic Dashboard:
Client ID
: Take the value ofappId
Client Secret
: Take the value ofpassword
Tenant ID
: your tenant IDSubscription ID
: your subscription ID