I am trying to use the AzureRM provider and the role assigment to limit access for a specific cluster namespace using Terraform. I believe the code below is the right way to go about it.
resource "azurerm_role_assignment" "aks_devs_ns_hello" {
scope = "${module.aks_cluster.id}/namespaces/hello"
role_definition_name = "Azure Kubernetes Service RBAC Reader"
principal_id = azuread_group.aks_devs.object_id
}
However, when I run Terraform, at the point when the role assigment is meant be created, it fails with the following error:
│ Error: loading Role Definition List: authorization.RoleDefinitionsClient#List: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="InvalidApiVersionParameter" Message="The api-version '2018-01-01-preview' is invalid. The supported versions are '2022-05-01,2022-03-01-preview,2022-01-01,2021-04-01,2021-01-01,2020-10-01,2020-09-01,2020-08-01,2020-07-01,2020-06-01,2020-05-01,2020-01-01,2019-11-01,2019-10-01,2019-09-01,2019-08-01,2019-07-01,2019-06-01,2019-05-10,2019-05-01,2019-03-01,2018-11-01,2018-09-01,2018-08-01,2018-07-01,2018-06-01,2018-05-01,2018-02-01,2018-01-01,2017-12-01,2017-08-01,2017-06-01,2017-05-10,2017-05-01,2017-03-01,2016-09-01,2016-07-01,2016-06-01,2016-02-01,2015-11-01,2015-01-01,2014-04-01-preview,2014-04-01,2014-01-01,2013-03-01,2014-02-26,2014-04'."
If I limit the scope to the entire cluster, everything working. Is there a way of resolving this issue?
Thanks.