From f9dcfefe953c6092174a3e9c354eedb4c1cb0080 Mon Sep 17 00:00:00 2001 From: cadenmarchese Date: Fri, 7 Mar 2025 12:21:00 -0500 Subject: [PATCH 1/2] Add required Microsoft.Network/natGateways/join/action permission --- manifests/03_credentials_request_azure_file.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/03_credentials_request_azure_file.yaml b/manifests/03_credentials_request_azure_file.yaml index 4e3a24b60..58e08b0c7 100644 --- a/manifests/03_credentials_request_azure_file.yaml +++ b/manifests/03_credentials_request_azure_file.yaml @@ -18,6 +18,7 @@ spec: permissions: - 'Microsoft.Network/networkSecurityGroups/join/action' - 'Microsoft.Network/routeTables/join/action' + - 'Microsoft.Network/natGateways/join/action' - 'Microsoft.Network/virtualNetworks/subnets/read' - 'Microsoft.Network/virtualNetworks/subnets/write' - 'Microsoft.Storage/storageAccounts/delete' From 9f2f681996c2b7872a4ad3b3bf469686eb08cb7c Mon Sep 17 00:00:00 2001 From: cadenmarchese Date: Mon, 21 Apr 2025 12:05:33 -0400 Subject: [PATCH 2/2] add serviceEndpointPolicies,networkIntentPolicies,ipamPools join --- manifests/03_credentials_request_azure_file.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/manifests/03_credentials_request_azure_file.yaml b/manifests/03_credentials_request_azure_file.yaml index 58e08b0c7..685b45a5b 100644 --- a/manifests/03_credentials_request_azure_file.yaml +++ b/manifests/03_credentials_request_azure_file.yaml @@ -29,6 +29,9 @@ spec: - 'Microsoft.Storage/storageAccounts/listKeys/action' - 'Microsoft.Storage/storageAccounts/read' - 'Microsoft.Storage/storageAccounts/write' + - 'Microsoft.Network/serviceEndpointPolicies/join/action' + - 'Microsoft.Network/networkIntentPolicies/join/action' + - 'Microsoft.Network/networkManagers/ipamPools/associateResourcesToPool/action' secretRef: name: azure-file-credentials namespace: openshift-cluster-csi-drivers