Azure Permissons #2077
Azure Permissons #2077
Conversation
✅ Deploy Preview for docs-spectrocloud ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
karl-cardenas-coding
added
backport-version-4-0
karl-cardenas-coding
requested review from
addetz,
lennessyy and
caroldelwing
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
docs/docs-content/clusters/public-cloud/azure/required-permissions.md
Outdated
Show resolved
Hide resolved
docs/docs-content/clusters/public-cloud/azure/create-azure-cluster.md
Outdated
Show resolved
Hide resolved
docs/docs-content/clusters/public-cloud/azure/required-permissions.md
Outdated
Show resolved
Hide resolved
|
|
||
| ## Dynamic Placement | ||
|
|
||
| If you want to support dynamic placement use cases, ensure Palette has the following actions at the subscription level: |
There was a problem hiding this comment.
To stay consistent with the previous section, this needs an explanation for when users should choose dynamic placement.
As you've described under static placement, that would be "when you have a pre-existing network resource group, VNet, subnets and security groups you want Palette to use when deploying a cluster". What is the use case here?
|
|
||
|
|
||
|
|
||
| ## Validator |
There was a problem hiding this comment.
This feels out of context here. Static and dynamic placement are types of management in Palette, and Validator is a tool. It might be the case that I don't understand the technical side of it, but purely from the structure perspective, I'd treat Validator as different from static and dynamic placement.
There was a problem hiding this comment.
I wanted to jump in and add some context.
The Validator tool is something we created to, among other things out in the open source community, help customers deploy Palette. Its purpose within Spectro Cloud, with Azure, is to help our customers ensure that they've followed the instructions under Static Placement and Dynamic Placement correctly - that they've added the permissions required to use Palette. For Validator to work, it itself needs permissions. They're kind of "meta" permissions - permissions that allow a service principal to check permissions on other service principals.
You'e right that the act of using Validator is something completely different from the act of using Palette. We were trying to figure out the best place to tell our users which Azure permissions they need in order to use Validator when the reason they want to use it is because they plan to use Palette to deploy a cluster to Azure.
|
|
||
| ## Validator | ||
|
|
||
| To use the [Validator](https://github.com/spectrocloud-labs/validator) with the [Azure plugin](https://github.com/spectrocloud-labs/validator-plugin-azure) you need the following actions to be able to ensure the roles attached to the service principal used by Validator have the required permissions: |
There was a problem hiding this comment.
When would be good cases for me to use the Validator? As you've described under static placement, that would be "when you have a pre-existing network resource group, VNet, subnets and security groups you want Palette to use when deploying a cluster". What is the use case here?
docs/docs-content/clusters/public-cloud/azure/required-permissions.md
Outdated
Show resolved
Hide resolved
Co-authored-by: Yuliia Horbenko <[email protected]>
|
|
||
| </details> | ||
|
|
||
| Palette supports the following use cases for static placement: Single Cluster, Multiple Cluster – Same Resource Group, and Multiple Cluster – Same Subscription. Each use case requires the same actions but with different scope levels. |
There was a problem hiding this comment.
🚫 [vale] reported by reviewdog 🐶
[Google.EmDash] Don't put a space before or after a dash.
|
|
||
| </details> | ||
|
|
||
| Palette supports the following use cases for static placement: Single Cluster, Multiple Cluster – Same Resource Group, and Multiple Cluster – Same Subscription. Each use case requires the same actions but with different scope levels. |
There was a problem hiding this comment.
🚫 [vale] reported by reviewdog 🐶
[Google.EnDash] Use an em dash ('—') instead of '–'.
docs/docs-content/clusters/public-cloud/azure/required-permissions.md
Outdated
Show resolved
Hide resolved
docs/docs-content/clusters/public-cloud/azure/required-permissions.md
Outdated
Show resolved
Hide resolved
| :::info | ||
|
|
||
| New worker pools may be added if you want to customize specific worker nodes to run specialized workloads. As an | ||
| :::info New worker pools may be added if you want to customize specific worker nodes to run specialized workloads. As an |
There was a problem hiding this comment.
🚫 [vale] reported by reviewdog 🐶
[spectrocloud.ableism] Avoid using ableism terms. Use 'issue' instead of 'run'.
💔 All backports failed
Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation and see the Github Action logs for details |
* docs: wip * docs: added table * docs: fixed broken anchor tag DOC-916 DOC-928 DOC-929 * docs: DOC-936 * chore: update DOC-936 * vale: feedback * docs: feedback * docs: vale feedeback * Apply suggestions from code review Co-authored-by: Yuliia Horbenko <[email protected]> * save * docs: feedback * docs: azure callout change- * docs: fix * docs: changed order * Update docs/docs-content/clusters/public-cloud/azure/required-permissions.md Co-authored-by: Yuliia Horbenko <[email protected]> * docs: feedback incorporated --------- Co-authored-by: Yuliia Horbenko <[email protected]>
* docs: wip * docs: added table * docs: fixed broken anchor tag DOC-916 DOC-928 DOC-929 * docs: DOC-936 * chore: update DOC-936 * vale: feedback * docs: feedback * docs: vale feedeback * Apply suggestions from code review Co-authored-by: Yuliia Horbenko <[email protected]> * save * docs: feedback * docs: azure callout change- * docs: fix * docs: changed order * Update docs/docs-content/clusters/public-cloud/azure/required-permissions.md Co-authored-by: Yuliia Horbenko <[email protected]> * docs: feedback incorporated --------- Co-authored-by: Yuliia Horbenko <[email protected]>
* docs: wip * docs: added table * docs: fixed broken anchor tag DOC-916 DOC-928 DOC-929 * docs: DOC-936 * chore: update DOC-936 * vale: feedback * docs: feedback * docs: vale feedeback * Apply suggestions from code review Co-authored-by: Yuliia Horbenko <[email protected]> * save * docs: feedback * docs: azure callout change- * docs: fix * docs: changed order * Update docs/docs-content/clusters/public-cloud/azure/required-permissions.md Co-authored-by: Yuliia Horbenko <[email protected]> * docs: feedback incorporated --------- Co-authored-by: Yuliia Horbenko <[email protected]>
* docs: wip * docs: added table * docs: fixed broken anchor tag DOC-916 DOC-928 DOC-929 * docs: DOC-936 * chore: update DOC-936 * vale: feedback * docs: feedback * docs: vale feedeback * Apply suggestions from code review Co-authored-by: Yuliia Horbenko <[email protected]> * save * docs: feedback * docs: azure callout change- * docs: fix * docs: changed order * Update docs/docs-content/clusters/public-cloud/azure/required-permissions.md Co-authored-by: Yuliia Horbenko <[email protected]> * docs: feedback incorporated --------- Co-authored-by: Yuliia Horbenko <[email protected]>
* docs: DOC-936 DOC-916 DOC-928 DOC-929 zure Permissons (#2077) * docs: wip * docs: added table * docs: fixed broken anchor tag DOC-916 DOC-928 DOC-929 * docs: DOC-936 * chore: update DOC-936 * vale: feedback * docs: feedback * docs: vale feedeback * Apply suggestions from code review Co-authored-by: Yuliia Horbenko <[email protected]> * save * docs: feedback * docs: azure callout change- * docs: fix * docs: changed order * Update docs/docs-content/clusters/public-cloud/azure/required-permissions.md Co-authored-by: Yuliia Horbenko <[email protected]> * docs: feedback incorporated --------- Co-authored-by: Yuliia Horbenko <[email protected]> * chore: fixed gitleaks --------- Co-authored-by: Yuliia Horbenko <[email protected]>
* docs: DOC-936 DOC-916 DOC-928 DOC-929 zure Permissons (#2077) * docs: wip * docs: added table * docs: fixed broken anchor tag DOC-916 DOC-928 DOC-929 * docs: DOC-936 * chore: update DOC-936 * vale: feedback * docs: feedback * docs: vale feedeback * Apply suggestions from code review Co-authored-by: Yuliia Horbenko <[email protected]> * save * docs: feedback * docs: azure callout change- * docs: fix * docs: changed order * Update docs/docs-content/clusters/public-cloud/azure/required-permissions.md Co-authored-by: Yuliia Horbenko <[email protected]> * docs: feedback incorporated --------- Co-authored-by: Yuliia Horbenko <[email protected]> * chore: save * chore: fixed gitleaks false positives --------- Co-authored-by: Yuliia Horbenko <[email protected]>
* docs: DOC-936 DOC-916 DOC-928 DOC-929 zure Permissons (#2077) * docs: wip * docs: added table * docs: fixed broken anchor tag DOC-916 DOC-928 DOC-929 * docs: DOC-936 * chore: update DOC-936 * vale: feedback * docs: feedback * docs: vale feedeback * Apply suggestions from code review Co-authored-by: Yuliia Horbenko <[email protected]> * save * docs: feedback * docs: azure callout change- * docs: fix * docs: changed order * Update docs/docs-content/clusters/public-cloud/azure/required-permissions.md Co-authored-by: Yuliia Horbenko <[email protected]> * docs: feedback incorporated --------- Co-authored-by: Yuliia Horbenko <[email protected]> * chore: fixed gitignore --------- Co-authored-by: Yuliia Horbenko <[email protected]>
* docs: DOC-936 DOC-916 DOC-928 DOC-929 zure Permissons (#2077) * docs: wip * docs: added table * docs: fixed broken anchor tag DOC-916 DOC-928 DOC-929 * docs: DOC-936 * chore: update DOC-936 * vale: feedback * docs: feedback * docs: vale feedeback * Apply suggestions from code review Co-authored-by: Yuliia Horbenko <[email protected]> * save * docs: feedback * docs: azure callout change- * docs: fix * docs: changed order * Update docs/docs-content/clusters/public-cloud/azure/required-permissions.md Co-authored-by: Yuliia Horbenko <[email protected]> * docs: feedback incorporated --------- Co-authored-by: Yuliia Horbenko <[email protected]> * chore: missed a fille * chore: fixed false gitleaks --------- Co-authored-by: Yuliia Horbenko <[email protected]>
|
🎉 This PR is included in version 4.2.1 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 4.2.1 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Describe the Change
This PR adds a new documentation page to the Azure sections. A detailed list of the required permissions for static and dynamic placement use cases is now available.
Review Changes
💻 Preview URL
🎫 DOC-916
🎫 DOC-928
🎫 DOC-929
🎫 DOC-936