mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-03-12 18:16:57 -04:00
Compare commits
2 Commits
2d6e387d1e
...
b2a9a73094
| Author | SHA1 | Date | |
|---|---|---|---|
|
b2a9a73094 | ||
|
|
b75b2e8b13 |
@ -138,6 +138,7 @@ To [create a Constellation cluster](../workflows/create.md#the-create-step), you
|
|||||||
* `Microsoft.Network/virtualNetworks/subnets/*`
|
* `Microsoft.Network/virtualNetworks/subnets/*`
|
||||||
* `Microsoft.Compute/virtualMachineScaleSets/*`
|
* `Microsoft.Compute/virtualMachineScaleSets/*`
|
||||||
* `Microsoft.ManagedIdentity/userAssignedIdentities/*`
|
* `Microsoft.ManagedIdentity/userAssignedIdentities/*`
|
||||||
|
* `Microsoft.Attestation/attestationProviders/*` \[2]
|
||||||
|
|
||||||
The built-in `Contributor` role is a superset of these permissions.
|
The built-in `Contributor` role is a superset of these permissions.
|
||||||
|
|
||||||
@ -145,6 +146,8 @@ Follow Microsoft's guide on [understanding](https://learn.microsoft.com/en-us/az
|
|||||||
|
|
||||||
1: You can omit `*/register/Action` if the resource providers mentioned above are already registered and the `ARM_SKIP_PROVIDER_REGISTRATION` environment variable is set to `true` when creating the IAM configuration.
|
1: You can omit `*/register/Action` if the resource providers mentioned above are already registered and the `ARM_SKIP_PROVIDER_REGISTRATION` environment variable is set to `true` when creating the IAM configuration.
|
||||||
|
|
||||||
|
2: You can omit `Microsoft.Attestation/attestationProviders/*` if `EnforceIDKeyDigest` is set to `MAAFallback` in the [config file](../workflows/config.md#configure-your-cluster).
|
||||||
|
|
||||||
</tabItem>
|
</tabItem>
|
||||||
<tabItem value="gcp" label="GCP">
|
<tabItem value="gcp" label="GCP">
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user