Unable to create AKS cluster

biswajitsamal59 · May 5, 2023, 3:24pm

I am not able to create AKS cluster with single node of B2s SKU. Getting policy violation : azure8922-935542-PolicyDefinition-ODL-azure-935542.

{“code”:“InvalidTemplateDeployment”,“message”:“The template deployment failed because of policy violation. Please see details for more information.”,“details”:[{“code”:“RequestDisallowedByPolicy”,“target”:“devaks”,“message”:“Resource ‘devaks’ was disallowed by policy. (Code: RequestDisallowedByPolicy)”,“additionalInfo”:[{“type”:“PolicyViolation”,“info”:{“evaluationDetails”:{“evaluatedExpressions”:[{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.Compute/virtualMachines”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.Compute/sshPublicKeys”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.Compute/virtualMachineScaleSets”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.Compute/disks”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.Storage”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.Network/networkInterfaces”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.Network/networkSecurityGroups”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.Network/publicIPAddresses”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.Network/virtualNetworks”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.DocumentDB/databaseAccounts”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.Web/serverFarms”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.Web/sites”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.Sql/servers”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.ManagedIdentity/userAssignedIdentities”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.Network/loadBalancers”,“operator”:“Like”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.Network/routeTables”,“operator”:“Like”},{“result”:“True”,“expressionKind”:“Field”,“expression”:“type”,“path”:“type”,“expressionValue”:“Microsoft.ContainerService/managedClusters”,“targetValue”:“Microsoft.ContainerService/managedClusters”,“operator”:“Equals”},{“result”:“False”,“expressionKind”:“Field”,“expression”:“Microsoft.ContainerService/managedClusters/agentPoolProfiles[].count",“path”:"properties.agentPoolProfiles[].count”,“expressionValue”:1,“targetValue”:[“2”,“3”],“operator”:“In”}]},“policyDefinitionId”:“/subscriptions/b2aec48f-6dad-4d57-ad25-dad521fe74a4/providers/Microsoft.Authorization/policyDefinitions/azure8922-935542-PolicyDefinition”,“policyDefinitionName”:“azure8922-935542-PolicyDefinition”,“policyDefinitionDisplayName”:“azure8922-935542-PolicyDefinition”,“policyDefinitionEffect”:“deny”,“policyAssignmentId”:“/subscriptions/b2aec48f-6dad-4d57-ad25-dad521fe74a4/resourceGroups/ODL-azure-935542/providers/Microsoft.Authorization/policyAssignments/azure8922-935542-PolicyDefinition-ODL-azure-935542”,“policyAssignmentName”:“azure8922-935542-PolicyDefinition-ODL-azure-935542”,“policyAssignmentDisplayName”:“azure8922-935542-PolicyDefinition-ODL-azure-935542”,“policyAssignmentScope”:“/subscriptions/b2aec48f-6dad-4d57-ad25-dad521fe74a4/resourceGroups/ODL-azure-935542”,“policyAssignmentParameters”:{},“policyExemptionIds”:[]}}],“policyDetails”:[{“isInitiative”:false,“assignmentId”:“/subscriptions/b2aec48f-6dad-4d57-ad25-dad521fe74a4/resourceGroups/ODL-azure-935542/providers/Microsoft.Authorization/policyAssignments/azure8922-935542-PolicyDefinition-ODL-azure-935542”,“assignmentName”:“azure8922-935542-PolicyDefinition-ODL-azure-935542”,“nonComplianceMessage”:null,“viewDetailsUri”:“Microsoft Azure”}]}]}

mmkmou · May 17, 2023, 12:47pm

Hi @biswajitsamal59

Thank you for your patience, can you please follow this tutorial

Regard

biswajitsamal59 · May 17, 2023, 2:37pm

@mmkmou Thanks for the solution. Is there any way I can integrate Container Insight with Premium KodeKloud subscription.