After the announcement of AKS (Azure's managed Kubernetes service) I decided to try it out. I'm not experienced with Azure (aside from administering Office365 and using Azure AD), so I just copy-pasted commands from the introduction blog post.
Unfortunately, creating a cluster failed with the following error:
$ az aks create -g MyResourceGroup -n MyManagedCluster --ssh-key-value ~/.ssh/id_rsa.pub
Deployment failed. Correlation ID: cbb78191-73a0-4c78-aaed-f991fdae5f4f. unable to create resource group. error: resources.ProvidersClient#Register: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="AuthorizationFailed" Message="The client '761da5e6-d1ed-41b4-8cb5-3c60d8ae1243' with object id '761da5e6-d1ed-41b4-8cb5-3c60d8ae1243' does not have authorization to perform action 'Microsoft.Compute/register/action' over scope '/subscriptions/5aedaa24-356a-4b17-98b3-d09129d00f4d'."
However, az aks list does show a cluster was created. Due to the error I wanted to delete the cluster, but deletion also fails!
$ az aks delete --resource-group MyResourceGroup --name MyManagedCluster
Are you sure you want to perform this operation? (y/n): y Deployment failed. Correlation ID: 64fd7054-3f4b-4dd7-99dc-6978233661be. failed to delete resource group: resources.ProvidersClient#Register: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="AuthorizationFailed" Message="The client '761da5e6-d1ed-41b4-8cb5-3c60d8ae1243' with object id '761da5e6-d1ed-41b4-8cb5-3c60d8ae1243' does not have authorization to perform action 'Microsoft.Compute/register/action' over scope '/subscriptions/5aedaa24-356a-4b17-98b3-d09129d00f4d'."
I tried deleting from the cli and from the Azure Portal, multiple times. Each time it failed due to apparently insufficient authorization, despite the Portal claiming I'm actually the owner of the cluster.
So, I'm stuck with an unwanted cluster. Any thoughts?
