From 967c705153213f6b1a7a94dbb01983228e2bdded Mon Sep 17 00:00:00 2001 From: Karl Cardenas Date: Wed, 11 Sep 2024 11:13:59 -0700 Subject: [PATCH 1/3] docs: PEM-5693 --- .../vm-management/architecture.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/docs/docs-content/vm-management/architecture.md b/docs/docs-content/vm-management/architecture.md index bd04b1d96c..41b74c1d35 100644 --- a/docs/docs-content/vm-management/architecture.md +++ b/docs/docs-content/vm-management/architecture.md @@ -84,6 +84,33 @@ Palette VMO includes the following KubeVirt feature gates by default: For more information on KubeVirt feature gates, refer to the [KubeVirt Activating feature gates](https://kubevirt.io/user-guide/cluster_admin/activating_feature_gates/) guide. +## MAC Address Management + +Palette automatically assigns unique Media Access Control (MAC) addresses to VMs when you create them through the +Palette UI, API, or [Terraform](../automation/terraform/terraform.md). The MAC address always starts with a prefix that +is either `02`, `06`, `0A`, or `0E`. The remaining part of the MAC address is generated randomly. + +### Specify a MAC Address + +You can set a VM's MAC address by specifying a value in the VM's YAML configuration file under the `macAddress` field. + +:::danger + +If you choose to assign a custom MAC address to a VM, ensure that it is unique and not already in use by any other VM in +the cluster. Duplicate MAC addresses can cause network conflicts and connectivity issues. + +::: + +```yaml hideClipboard +spec: + template: + spec: + domain: + devices: + interfaces: + - macAddress: "REPLACE_WITH_MAC_ADDRESS" +``` + ## Next Steps Now that you understand the architecture behind Palette VMO, you can continue exploring it by reviewing our From 1c35796af89876e2f5d342a96a7b06fbf6c5fe77 Mon Sep 17 00:00:00 2001 From: Karl Cardenas Date: Wed, 11 Sep 2024 14:23:04 -0700 Subject: [PATCH 2/3] docs: DOC-1375 --- .../azure/required-permissions.md | 599 +++++++++--------- 1 file changed, 307 insertions(+), 292 deletions(-) diff --git a/docs/docs-content/clusters/public-cloud/azure/required-permissions.md b/docs/docs-content/clusters/public-cloud/azure/required-permissions.md index 8a3d9b53c7..5b074a5b03 100644 --- a/docs/docs-content/clusters/public-cloud/azure/required-permissions.md +++ b/docs/docs-content/clusters/public-cloud/azure/required-permissions.md @@ -81,86 +81,89 @@ dynamically creates the network resources required for your cluster. dynamically in Palette. ```shell - echo "{ - \"Name\": \"Dynamic Placement Palette Deployer\", - \"IsCustom\": true, - \"Description\": \"Can deploy Azure IaaS clusters using dynamic placement with Palette.\", - \"Actions\": [ - \"Microsoft.Compute/disks/delete\", - \"Microsoft.Compute/disks/read\", - \"Microsoft.Compute/disks/write\", - \"Microsoft.Compute/galleries/images/read\", - \"Microsoft.Compute/galleries/images/versions/read\", - \"Microsoft.Compute/galleries/images/versions/write\", - \"Microsoft.Compute/galleries/images/write\", - \"Microsoft.Compute/galleries/read\", - \"Microsoft.Compute/galleries/write\", - \"Microsoft.Compute/images/read\", - \"Microsoft.Compute/images/write\", - \"Microsoft.Compute/virtualMachines/delete\", - \"Microsoft.Compute/virtualMachines/extensions/delete\", - \"Microsoft.Compute/virtualMachines/extensions/read\", - \"Microsoft.Compute/virtualMachines/extensions/write\", - \"Microsoft.Compute/virtualMachines/read\", - \"Microsoft.Compute/virtualMachines/write\", - \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\", - \"Microsoft.Network/loadBalancers/delete\", - \"Microsoft.Network/loadBalancers/inboundNatRules/delete\", - \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\", - \"Microsoft.Network/loadBalancers/inboundNatRules/read\", - \"Microsoft.Network/loadBalancers/inboundNatRules/write\", - \"Microsoft.Network/loadBalancers/read\", - \"Microsoft.Network/loadBalancers/write\", - \"Microsoft.Network/networkInterfaces/delete\", - \"Microsoft.Network/networkInterfaces/join/action\", - \"Microsoft.Network/networkInterfaces/read\", - \"Microsoft.Network/networkInterfaces/write\", - \"Microsoft.Network/networkSecurityGroups/read\", - \"Microsoft.Network/networkSecurityGroups/securityRules/delete\", - \"Microsoft.Network/networkSecurityGroups/securityRules/read\", - \"Microsoft.Network/networkSecurityGroups/securityRules/write\", - \"Microsoft.Network/privateDnsZones/A/delete\", - \"Microsoft.Network/privateDnsZones/A/read\", - \"Microsoft.Network/privateDnsZones/A/write\", - \"Microsoft.Network/privateDnsZones/delete\", - \"Microsoft.Network/privateDnsZones/read\", - \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/delete\", - \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\", - \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\", - \"Microsoft.Network/privateDnsZones/write\", - \"Microsoft.Network/publicIPAddresses/delete\", - \"Microsoft.Network/publicIPAddresses/join/action\", - \"Microsoft.Network/publicIPAddresses/read\", - \"Microsoft.Network/publicIPAddresses/write\", - \"Microsoft.Network/routeTables/delete\", - \"Microsoft.Network/routeTables/read\", - \"Microsoft.Network/routeTables/write\", - \"Microsoft.Network/virtualNetworks/delete\", - \"Microsoft.Network/virtualNetworks/join/action\", - \"Microsoft.Network/virtualNetworks/join/action\", - \"Microsoft.Network/virtualNetworks/joinLoadBalancer/action\", - \"Microsoft.Network/virtualNetworks/peer/action\", - \"Microsoft.Network/virtualNetworks/read\", - \"Microsoft.Network/virtualNetworks/subnets/delete\", - \"Microsoft.Network/virtualNetworks/subnets/join/action\", - \"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action\", - \"Microsoft.Network/virtualNetworks/subnets/read\", - \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\", - \"Microsoft.Network/virtualNetworks/subnets/write\", - \"Microsoft.Network/virtualNetworks/virtualMachines/read\", - \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete\", - \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\", - \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\", - \"Microsoft.Network/virtualNetworks/write\", - \"Microsoft.Resources/subscriptions/resourceGroups/read\", - \"Microsoft.Storage/storageAccounts/blobServices/containers/read\", - \"Microsoft.Storage/storageAccounts/blobServices/containers/write\", - \"Microsoft.Storage/storageAccounts/read\", - \"Microsoft.Storage/storageAccounts/write\" + cat << EOF > dynamic-permissions.json + { + "Name": "Dynamic Placement Palette Deployer", + "IsCustom": true, + "Description": "Can deploy Azure IaaS clusters using dynamic placement with Palette.", + "Actions": [ + "Microsoft.Compute/disks/delete", + "Microsoft.Compute/disks/read", + "Microsoft.Compute/disks/write", + "Microsoft.Compute/galleries/images/read", + "Microsoft.Compute/galleries/images/versions/read", + "Microsoft.Compute/galleries/images/versions/write", + "Microsoft.Compute/galleries/images/write", + "Microsoft.Compute/galleries/read", + "Microsoft.Compute/galleries/write", + "Microsoft.Compute/images/read", + "Microsoft.Compute/images/write", + "Microsoft.Compute/virtualMachines/delete", + "Microsoft.Compute/virtualMachines/extensions/delete", + "Microsoft.Compute/virtualMachines/extensions/read", + "Microsoft.Compute/virtualMachines/extensions/write", + "Microsoft.Compute/virtualMachines/read", + "Microsoft.Compute/virtualMachines/write", + "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "Microsoft.Network/loadBalancers/delete", + "Microsoft.Network/loadBalancers/inboundNatRules/delete", + "Microsoft.Network/loadBalancers/inboundNatRules/join/action", + "Microsoft.Network/loadBalancers/inboundNatRules/read", + "Microsoft.Network/loadBalancers/inboundNatRules/write", + "Microsoft.Network/loadBalancers/read", + "Microsoft.Network/loadBalancers/write", + "Microsoft.Network/networkInterfaces/delete", + "Microsoft.Network/networkInterfaces/join/action", + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkInterfaces/write", + "Microsoft.Network/networkSecurityGroups/read", + "Microsoft.Network/networkSecurityGroups/securityRules/delete", + "Microsoft.Network/networkSecurityGroups/securityRules/read", + "Microsoft.Network/networkSecurityGroups/securityRules/write", + "Microsoft.Network/privateDnsZones/A/delete", + "Microsoft.Network/privateDnsZones/A/read", + "Microsoft.Network/privateDnsZones/A/write", + "Microsoft.Network/privateDnsZones/delete", + "Microsoft.Network/privateDnsZones/read", + "Microsoft.Network/privateDnsZones/virtualNetworkLinks/delete", + "Microsoft.Network/privateDnsZones/virtualNetworkLinks/read", + "Microsoft.Network/privateDnsZones/virtualNetworkLinks/write", + "Microsoft.Network/privateDnsZones/write", + "Microsoft.Network/publicIPAddresses/delete", + "Microsoft.Network/publicIPAddresses/join/action", + "Microsoft.Network/publicIPAddresses/read", + "Microsoft.Network/publicIPAddresses/write", + "Microsoft.Network/routeTables/delete", + "Microsoft.Network/routeTables/read", + "Microsoft.Network/routeTables/write", + "Microsoft.Network/virtualNetworks/delete", + "Microsoft.Network/virtualNetworks/join/action", + "Microsoft.Network/virtualNetworks/join/action", + "Microsoft.Network/virtualNetworks/joinLoadBalancer/action", + "Microsoft.Network/virtualNetworks/peer/action", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/subnets/delete", + "Microsoft.Network/virtualNetworks/subnets/join/action", + "Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action", + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Network/virtualNetworks/subnets/virtualMachines/read", + "Microsoft.Network/virtualNetworks/subnets/write", + "Microsoft.Network/virtualNetworks/virtualMachines/read", + "Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete", + "Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read", + "Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write", + "Microsoft.Network/virtualNetworks/write", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Storage/storageAccounts/blobServices/containers/read", + "Microsoft.Storage/storageAccounts/blobServices/containers/write", + "Microsoft.Storage/storageAccounts/read", + "Microsoft.Storage/storageAccounts/write" ], - \"NotActions\": [], - \"AssignableScopes\": [\"/subscriptions/$SUBSCRIPTION_ID\"] - }" > dynamic-permissions.json + "NotActions": [], + "AssignableScopes": ["/subscriptions/$SUBSCRIPTION_ID"] + } + EOF + ``` @@ -324,128 +327,136 @@ Select the tab below to view the required permissions and steps for the static p statically in Palette. ```shell - echo "{ - \"Name\": \"Static Placement Palette Deployer\", - \"IsCustom\": true, - \"Description\": \"Can deploy Azure IaaS clusters using static placement with Palette.\", - \"Actions\": [ - \"Microsoft.Compute/disks/delete\", - \"Microsoft.Compute/disks/read\", - \"Microsoft.Compute/disks/write\", - \"Microsoft.Compute/galleries/images/versions/write\", - \"Microsoft.Compute/galleries/images/write\", - \"Microsoft.Compute/galleries/read\", - \"Microsoft.Compute/galleries/write\", - \"Microsoft.Compute/images/read\", - \"Microsoft.Compute/images/write\", - \"Microsoft.Compute/virtualMachines/delete\", - \"Microsoft.Compute/virtualMachines/extensions/delete\", - \"Microsoft.Compute/virtualMachines/extensions/read\", - \"Microsoft.Compute/virtualMachines/extensions/write\", - \"Microsoft.Compute/virtualMachines/read\", - \"Microsoft.Compute/virtualMachines/write\", - \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\", - \"Microsoft.Network/loadBalancers/delete\", - \"Microsoft.Network/loadBalancers/inboundNatRules/delete\", - \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\", - \"Microsoft.Network/loadBalancers/inboundNatRules/read\", - \"Microsoft.Network/loadBalancers/inboundNatRules/write\", - \"Microsoft.Network/loadBalancers/read\", - \"Microsoft.Network/loadBalancers/write\", - \"Microsoft.Network/networkInterfaces/delete\", - \"Microsoft.Network/networkInterfaces/join/action\", - \"Microsoft.Network/networkInterfaces/read\", - \"Microsoft.Network/networkInterfaces/write\", - \"Microsoft.Network/networkSecurityGroups/read\", - \"Microsoft.Network/networkSecurityGroups/securityRules/delete\", - \"Microsoft.Network/networkSecurityGroups/securityRules/read\", - \"Microsoft.Network/networkSecurityGroups/securityRules/write\", - \"Microsoft.Network/privateDnsZones/A/delete\", - \"Microsoft.Network/privateDnsZones/A/read\", - \"Microsoft.Network/privateDnsZones/A/write\", - \"Microsoft.Network/privateDnsZones/delete\", - \"Microsoft.Network/privateDnsZones/read\", - \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/delete\", - \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\", - \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\", - \"Microsoft.Network/privateDnsZones/write\", - \"Microsoft.Network/publicIPAddresses/delete\", - \"Microsoft.Network/publicIPAddresses/join/action\", - \"Microsoft.Network/publicIPAddresses/read\", - \"Microsoft.Network/publicIPAddresses/write\", - \"Microsoft.Network/routeTables/delete\", - \"Microsoft.Network/routeTables/read\", - \"Microsoft.Network/routeTables/write\", - \"Microsoft.Network/virtualNetworks/delete\", - \"Microsoft.Network/virtualNetworks/join/action\", - \"Microsoft.Network/virtualNetworks/join/action\", - \"Microsoft.Network/virtualNetworks/joinLoadBalancer/action\", - \"Microsoft.Network/virtualNetworks/peer/action\", - \"Microsoft.Network/virtualNetworks/subnets/delete\", - \"Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action\", - \"Microsoft.Network/virtualNetworks/subnets/virtualMachines/read\", - \"Microsoft.Network/virtualNetworks/subnets/write\", - \"Microsoft.Network/virtualNetworks/virtualMachines/read\", - \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete\", - \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read\", - \"Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write\", - \"Microsoft.Network/virtualNetworks/write\", - \"Microsoft.Resources/subscriptions/resourceGroups/read\", - \"Microsoft.Storage/storageAccounts/blobServices/containers/read\", - \"Microsoft.Storage/storageAccounts/blobServices/containers/write\", - \"Microsoft.Storage/storageAccounts/read\", - \"Microsoft.Storage/storageAccounts/write\" + cat << EOF > static-permissions.json + { + "Name": "Static Placement Palette Deployer", + "IsCustom": true, + "Description": "Can deploy Azure IaaS clusters using static placement with Palette.", + "Actions": [ + "Microsoft.Compute/disks/delete", + "Microsoft.Compute/disks/read", + "Microsoft.Compute/disks/write", + "Microsoft.Compute/galleries/images/versions/write", + "Microsoft.Compute/galleries/images/write", + "Microsoft.Compute/galleries/read", + "Microsoft.Compute/galleries/write", + "Microsoft.Compute/images/read", + "Microsoft.Compute/images/write", + "Microsoft.Compute/virtualMachines/delete", + "Microsoft.Compute/virtualMachines/extensions/delete", + "Microsoft.Compute/virtualMachines/extensions/read", + "Microsoft.Compute/virtualMachines/extensions/write", + "Microsoft.Compute/virtualMachines/read", + "Microsoft.Compute/virtualMachines/write", + "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "Microsoft.Network/loadBalancers/delete", + "Microsoft.Network/loadBalancers/inboundNatRules/delete", + "Microsoft.Network/loadBalancers/inboundNatRules/join/action", + "Microsoft.Network/loadBalancers/inboundNatRules/read", + "Microsoft.Network/loadBalancers/inboundNatRules/write", + "Microsoft.Network/loadBalancers/read", + "Microsoft.Network/loadBalancers/write", + "Microsoft.Network/networkInterfaces/delete", + "Microsoft.Network/networkInterfaces/join/action", + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkInterfaces/write", + "Microsoft.Network/networkSecurityGroups/read", + "Microsoft.Network/networkSecurityGroups/securityRules/delete", + "Microsoft.Network/networkSecurityGroups/securityRules/read", + "Microsoft.Network/networkSecurityGroups/securityRules/write", + "Microsoft.Network/privateDnsZones/A/delete", + "Microsoft.Network/privateDnsZones/A/read", + "Microsoft.Network/privateDnsZones/A/write", + "Microsoft.Network/privateDnsZones/delete", + "Microsoft.Network/privateDnsZones/read", + "Microsoft.Network/privateDnsZones/virtualNetworkLinks/delete", + "Microsoft.Network/privateDnsZones/virtualNetworkLinks/read", + "Microsoft.Network/privateDnsZones/virtualNetworkLinks/write", + "Microsoft.Network/privateDnsZones/write", + "Microsoft.Network/publicIPAddresses/delete", + "Microsoft.Network/publicIPAddresses/join/action", + "Microsoft.Network/publicIPAddresses/read", + "Microsoft.Network/publicIPAddresses/write", + "Microsoft.Network/routeTables/delete", + "Microsoft.Network/routeTables/read", + "Microsoft.Network/routeTables/write", + "Microsoft.Network/virtualNetworks/delete", + "Microsoft.Network/virtualNetworks/join/action", + "Microsoft.Network/virtualNetworks/join/action", + "Microsoft.Network/virtualNetworks/joinLoadBalancer/action", + "Microsoft.Network/virtualNetworks/peer/action", + "Microsoft.Network/virtualNetworks/subnets/delete", + "Microsoft.Network/virtualNetworks/subnets/joinLoadBalancer/action", + "Microsoft.Network/virtualNetworks/subnets/virtualMachines/read", + "Microsoft.Network/virtualNetworks/subnets/write", + "Microsoft.Network/virtualNetworks/virtualMachines/read", + "Microsoft.Network/virtualNetworks/virtualNetworkPeerings/delete", + "Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read", + "Microsoft.Network/virtualNetworks/virtualNetworkPeerings/write", + "Microsoft.Network/virtualNetworks/write", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Storage/storageAccounts/blobServices/containers/read", + "Microsoft.Storage/storageAccounts/blobServices/containers/write", + "Microsoft.Storage/storageAccounts/read", + "Microsoft.Storage/storageAccounts/write" ], - \"NotActions\": [], - \"AssignableScopes\": [\"/subscriptions/$SUBSCRIPTION_ID\"] - }" > static-permissions.json + "NotActions": [], + "AssignableScopes": ["/subscriptions/$SUBSCRIPTION_ID"] + } + EOF ``` 3. Next, create a JSON file for the compute gallery scope permissions. Issue the following command to create the JSON file. ```shell - echo "{ - \"Name\": \"Static Placement Palette Deployer - Compute Gallery Scope\", - \"IsCustom\": true, - \"Description\": \"Can deploy the compute gallery level components of Azure IaaS clusters using static placement with Palette.\", - \"Actions\": [ - \"Microsoft.Compute/galleries/images/read\", - \"Microsoft.Compute/galleries/images/versions/read\" - ], - \"NotActions\": [], - \"AssignableScopes\": [\"/subscriptions/$SUBSCRIPTION_ID\"] - }" > static-gallery-scope-permissions.json + cat << EOF > static-gallery-scope-permissions.json + { + "Name": "Static Placement Palette Deployer - Compute Gallery Scope", + "IsCustom": true, + "Description": "Can deploy the compute gallery level components of Azure IaaS clusters using static placement with Palette.", + "Actions": [ + "Microsoft.Compute/galleries/images/read", + "Microsoft.Compute/galleries/images/versions/read" + ], + "NotActions": [], + "AssignableScopes": ["/subscriptions/$SUBSCRIPTION_ID"] + } + EOF ``` 4. Create a JSON file for the subnet scope permissions. ```shell - echo "{ - \"Name\": \"Static Placement Palette Deployer - Subnet Scope\", - \"IsCustom\": true, - \"Description\": \"Can deploy the subnet level components of Azure IaaS clusters using static placement with Palette.\", - \"Actions\": [ - \"Microsoft.Network/virtualNetworks/subnets/join/action\", - \"Microsoft.Network/virtualNetworks/subnets/read\" + cat << EOF > static-subnet-scope-permissions.json + { + "Name": "Static Placement Palette Deployer - Subnet Scope", + "IsCustom": true, + "Description": "Can deploy the subnet level components of Azure IaaS clusters using static placement with Palette.", + "Actions": [ + "Microsoft.Network/virtualNetworks/subnets/join/action", + "Microsoft.Network/virtualNetworks/subnets/read" ], - \"NotActions\": [], - \"AssignableScopes\": [\"/subscriptions/$SUBSCRIPTION_ID\"] - }" > static-subnet-scope-permissions.json + "NotActions": [], + "AssignableScopes": ["/subscriptions/$SUBSCRIPTION_ID"] + } + EOF ``` 5. The last JSON file is for the virtual network scope permissions. Issue the following command to create the JSON file. ```shell - echo "{ - \"Name\": \"Static Placement Palette Deployer - Virtual Network Scope\", - \"IsCustom\": true, - \"Description\": \"Can deploy the virtual network level components of Azure IaaS clusters using static placement with Palette.\", - \"Actions\": [\"Microsoft.Network/virtualNetworks/read\"], - \"NotActions\": [], - \"AssignableScopes\": [\"/subscriptions/$SUBSCRIPTION_ID\"] - }" > static-virtual-network-scope-permissions.json + cat << EOF > static-virtual-network-scope-permissions.json + { + "Name": "Static Placement Palette Deployer - Virtual Network Scope", + "IsCustom": true, + "Description": "Can deploy the virtual network level components of Azure IaaS clusters using static placement with Palette.", + "Actions": ["Microsoft.Network/virtualNetworks/read"], + "NotActions": [], + "AssignableScopes": ["/subscriptions/$SUBSCRIPTION_ID"] + } + EOF ``` @@ -636,62 +647,64 @@ Select the tab below to view the required permissions and steps for the static p statically in Palette. ```shell - echo "{ - \"Name\": \"Static Placement Palette Deployer\", - \"IsCustom\": true, - \"Description\": \"Can deploy Azure IaaS clusters using static placement with Palette.\", - \"Actions\": [ - \"Microsoft.Compute/disks/delete\", - \"Microsoft.Compute/disks/read\", - \"Microsoft.Compute/disks/write\", - \"Microsoft.Compute/virtualMachines/delete\", - \"Microsoft.Compute/virtualMachines/extensions/delete\", - \"Microsoft.Compute/virtualMachines/extensions/read\", - \"Microsoft.Compute/virtualMachines/extensions/write\", - \"Microsoft.Compute/virtualMachines/read\", - \"Microsoft.Compute/virtualMachines/write\", - \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\", - \"Microsoft.Network/loadBalancers/delete\", - \"Microsoft.Network/loadBalancers/inboundNatRules/delete\", - \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\", - \"Microsoft.Network/loadBalancers/inboundNatRules/read\", - \"Microsoft.Network/loadBalancers/inboundNatRules/write\", - \"Microsoft.Network/loadBalancers/read\", - \"Microsoft.Network/loadBalancers/write\", - \"Microsoft.Network/networkInterfaces/delete\", - \"Microsoft.Network/networkInterfaces/join/action\", - \"Microsoft.Network/networkInterfaces/read\", - \"Microsoft.Network/networkInterfaces/write\", - \"Microsoft.Network/networkSecurityGroups/read\", - \"Microsoft.Network/networkSecurityGroups/securityRules/delete\", - \"Microsoft.Network/networkSecurityGroups/securityRules/read\", - \"Microsoft.Network/networkSecurityGroups/securityRules/write\", - \"Microsoft.Network/privateDnsZones/A/delete\", - \"Microsoft.Network/privateDnsZones/A/read\", - \"Microsoft.Network/privateDnsZones/A/write\", - \"Microsoft.Network/privateDnsZones/delete\", - \"Microsoft.Network/privateDnsZones/read\", - \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/delete\", - \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\", - \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\", - \"Microsoft.Network/privateDnsZones/write\", - \"Microsoft.Network/publicIPAddresses/delete\", - \"Microsoft.Network/publicIPAddresses/join/action\", - \"Microsoft.Network/publicIPAddresses/read\", - \"Microsoft.Network/publicIPAddresses/write\", - \"Microsoft.Network/routeTables/delete\", - \"Microsoft.Network/routeTables/read\", - \"Microsoft.Network/routeTables/write\", - \"Microsoft.Network/virtualNetworks/join/action\", - \"Microsoft.Resources/subscriptions/resourceGroups/read\", - \"Microsoft.Network/virtualNetworks/read\", - \"Microsoft.Network/virtualNetworks/subnets/join/action\", - \"Microsoft.Network/virtualNetworks/subnets/read\", - \"Microsoft.Compute/galleries/images/read\", - \"Microsoft.Compute/galleries/images/versions/read\" + cat << EOF > static-placement-permissions.json + { + "Name": "Static Placement Palette Deployer", + "IsCustom": true, + "Description": "Can deploy Azure IaaS clusters using static placement with Palette.", + "Actions": [ + "Microsoft.Compute/disks/delete", + "Microsoft.Compute/disks/read", + "Microsoft.Compute/disks/write", + "Microsoft.Compute/virtualMachines/delete", + "Microsoft.Compute/virtualMachines/extensions/delete", + "Microsoft.Compute/virtualMachines/extensions/read", + "Microsoft.Compute/virtualMachines/extensions/write", + "Microsoft.Compute/virtualMachines/read", + "Microsoft.Compute/virtualMachines/write", + "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "Microsoft.Network/loadBalancers/delete", + "Microsoft.Network/loadBalancers/inboundNatRules/delete", + "Microsoft.Network/loadBalancers/inboundNatRules/join/action", + "Microsoft.Network/loadBalancers/inboundNatRules/read", + "Microsoft.Network/loadBalancers/inboundNatRules/write", + "Microsoft.Network/loadBalancers/read", + "Microsoft.Network/loadBalancers/write", + "Microsoft.Network/networkInterfaces/delete", + "Microsoft.Network/networkInterfaces/join/action", + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkInterfaces/write", + "Microsoft.Network/networkSecurityGroups/read", + "Microsoft.Network/networkSecurityGroups/securityRules/delete", + "Microsoft.Network/networkSecurityGroups/securityRules/read", + "Microsoft.Network/networkSecurityGroups/securityRules/write", + "Microsoft.Network/privateDnsZones/A/delete", + "Microsoft.Network/privateDnsZones/A/read", + "Microsoft.Network/privateDnsZones/A/write", + "Microsoft.Network/privateDnsZones/delete", + "Microsoft.Network/privateDnsZones/read", + "Microsoft.Network/privateDnsZones/virtualNetworkLinks/delete", + "Microsoft.Network/privateDnsZones/virtualNetworkLinks/read", + "Microsoft.Network/privateDnsZones/virtualNetworkLinks/write", + "Microsoft.Network/privateDnsZones/write", + "Microsoft.Network/publicIPAddresses/delete", + "Microsoft.Network/publicIPAddresses/join/action", + "Microsoft.Network/publicIPAddresses/read", + "Microsoft.Network/publicIPAddresses/write", + "Microsoft.Network/routeTables/delete", + "Microsoft.Network/routeTables/read", + "Microsoft.Network/routeTables/write", + "Microsoft.Network/virtualNetworks/join/action", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/subnets/join/action", + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Compute/galleries/images/read", + "Microsoft.Compute/galleries/images/versions/read" ], - \"AssignableScopes\": [\"/subscriptions/$SUBSCRIPTION_ID\"] - }" > static-placement-permissions.json + "AssignableScopes": ["/subscriptions/$SUBSCRIPTION_ID"] + } + EOF ``` @@ -794,62 +807,64 @@ Select the tab below to view the required permissions and steps for the static p statically in Palette. ```shell - echo "{ - \"Name\": \"Static Placement Palette Deployer\", - \"IsCustom\": true, - \"Description\": \"Can deploy Azure IaaS clusters using static placement with Palette.\", - \"Actions\": [ - \"Microsoft.Compute/disks/delete\", - \"Microsoft.Compute/disks/read\", - \"Microsoft.Compute/disks/write\", - \"Microsoft.Compute/virtualMachines/delete\", - \"Microsoft.Compute/virtualMachines/extensions/delete\", - \"Microsoft.Compute/virtualMachines/extensions/read\", - \"Microsoft.Compute/virtualMachines/extensions/write\", - \"Microsoft.Compute/virtualMachines/read\", - \"Microsoft.Compute/virtualMachines/write\", - \"Microsoft.Network/loadBalancers/backendAddressPools/join/action\", - \"Microsoft.Network/loadBalancers/delete\", - \"Microsoft.Network/loadBalancers/inboundNatRules/delete\", - \"Microsoft.Network/loadBalancers/inboundNatRules/join/action\", - \"Microsoft.Network/loadBalancers/inboundNatRules/read\", - \"Microsoft.Network/loadBalancers/inboundNatRules/write\", - \"Microsoft.Network/loadBalancers/read\", - \"Microsoft.Network/loadBalancers/write\", - \"Microsoft.Network/networkInterfaces/delete\", - \"Microsoft.Network/networkInterfaces/join/action\", - \"Microsoft.Network/networkInterfaces/read\", - \"Microsoft.Network/networkInterfaces/write\", - \"Microsoft.Network/networkSecurityGroups/read\", - \"Microsoft.Network/networkSecurityGroups/securityRules/delete\", - \"Microsoft.Network/networkSecurityGroups/securityRules/read\", - \"Microsoft.Network/networkSecurityGroups/securityRules/write\", - \"Microsoft.Network/privateDnsZones/A/delete\", - \"Microsoft.Network/privateDnsZones/A/read\", - \"Microsoft.Network/privateDnsZones/A/write\", - \"Microsoft.Network/privateDnsZones/delete\", - \"Microsoft.Network/privateDnsZones/read\", - \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/delete\", - \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/read\", - \"Microsoft.Network/privateDnsZones/virtualNetworkLinks/write\", - \"Microsoft.Network/privateDnsZones/write\", - \"Microsoft.Network/publicIPAddresses/delete\", - \"Microsoft.Network/publicIPAddresses/join/action\", - \"Microsoft.Network/publicIPAddresses/read\", - \"Microsoft.Network/publicIPAddresses/write\", - \"Microsoft.Network/routeTables/delete\", - \"Microsoft.Network/routeTables/read\", - \"Microsoft.Network/routeTables/write\", - \"Microsoft.Network/virtualNetworks/join/action\", - \"Microsoft.Resources/subscriptions/resourceGroups/read\", - \"Microsoft.Network/virtualNetworks/read\", - \"Microsoft.Network/virtualNetworks/subnets/join/action\", - \"Microsoft.Network/virtualNetworks/subnets/read\", - \"Microsoft.Compute/galleries/images/read\", - \"Microsoft.Compute/galleries/images/versions/read\" + cat << EOF > static-placement-permissions.json + { + "Name": "Static Placement Palette Deployer", + "IsCustom": true, + "Description": "Can deploy Azure IaaS clusters using static placement with Palette.", + "Actions": [ + "Microsoft.Compute/disks/delete", + "Microsoft.Compute/disks/read", + "Microsoft.Compute/disks/write", + "Microsoft.Compute/virtualMachines/delete", + "Microsoft.Compute/virtualMachines/extensions/delete", + "Microsoft.Compute/virtualMachines/extensions/read", + "Microsoft.Compute/virtualMachines/extensions/write", + "Microsoft.Compute/virtualMachines/read", + "Microsoft.Compute/virtualMachines/write", + "Microsoft.Network/loadBalancers/backendAddressPools/join/action", + "Microsoft.Network/loadBalancers/delete", + "Microsoft.Network/loadBalancers/inboundNatRules/delete", + "Microsoft.Network/loadBalancers/inboundNatRules/join/action", + "Microsoft.Network/loadBalancers/inboundNatRules/read", + "Microsoft.Network/loadBalancers/inboundNatRules/write", + "Microsoft.Network/loadBalancers/read", + "Microsoft.Network/loadBalancers/write", + "Microsoft.Network/networkInterfaces/delete", + "Microsoft.Network/networkInterfaces/join/action", + "Microsoft.Network/networkInterfaces/read", + "Microsoft.Network/networkInterfaces/write", + "Microsoft.Network/networkSecurityGroups/read", + "Microsoft.Network/networkSecurityGroups/securityRules/delete", + "Microsoft.Network/networkSecurityGroups/securityRules/read", + "Microsoft.Network/networkSecurityGroups/securityRules/write", + "Microsoft.Network/privateDnsZones/A/delete", + "Microsoft.Network/privateDnsZones/A/read", + "Microsoft.Network/privateDnsZones/A/write", + "Microsoft.Network/privateDnsZones/delete", + "Microsoft.Network/privateDnsZones/read", + "Microsoft.Network/privateDnsZones/virtualNetworkLinks/delete", + "Microsoft.Network/privateDnsZones/virtualNetworkLinks/read", + "Microsoft.Network/privateDnsZones/virtualNetworkLinks/write", + "Microsoft.Network/privateDnsZones/write", + "Microsoft.Network/publicIPAddresses/delete", + "Microsoft.Network/publicIPAddresses/join/action", + "Microsoft.Network/publicIPAddresses/read", + "Microsoft.Network/publicIPAddresses/write", + "Microsoft.Network/routeTables/delete", + "Microsoft.Network/routeTables/read", + "Microsoft.Network/routeTables/write", + "Microsoft.Network/virtualNetworks/join/action", + "Microsoft.Resources/subscriptions/resourceGroups/read", + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/virtualNetworks/subnets/join/action", + "Microsoft.Network/virtualNetworks/subnets/read", + "Microsoft.Compute/galleries/images/read", + "Microsoft.Compute/galleries/images/versions/read" ], - \"AssignableScopes\": [\"/subscriptions/$SUBSCRIPTION_ID\"] - }" > static-placement-permissions.json + "AssignableScopes": ["/subscriptions/$SUBSCRIPTION_ID"] + } + EOF ``` From a2d7572a248aa2b88ef878537f9cfbd48b12467f Mon Sep 17 00:00:00 2001 From: Karl Cardenas Date: Thu, 12 Sep 2024 09:27:28 -0700 Subject: [PATCH 3/3] chore: prettier --- .../vm-management/create-manage-vm/enable-cpu-hotplug.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/docs-content/vm-management/create-manage-vm/enable-cpu-hotplug.md b/docs/docs-content/vm-management/create-manage-vm/enable-cpu-hotplug.md index cbdb237765..6b9c5dc763 100644 --- a/docs/docs-content/vm-management/create-manage-vm/enable-cpu-hotplug.md +++ b/docs/docs-content/vm-management/create-manage-vm/enable-cpu-hotplug.md @@ -46,8 +46,8 @@ Select the tab that corresponds to the method you want to use to enable CPU or m :::info - Memory changes expose an additional **Save & Restart** button. This button allows you to save the changes and immediately - restart the VM to apply the changes. Otherwise, the changes are applied through live migration. + Memory changes expose an additional **Save & Restart** button. This button allows you to save the changes and + immediately restart the VM to apply the changes. Otherwise, the changes are applied through live migration. :::