The role permissions may not update instantly. Changes may take 2-5 minutes to sync and apply.
When For Azure:
If the Resource Group of the Virtual Network is other than Kyvos, you must add custom roles with the required permissions, as mentioned below in the (Scaling Permissions) table. If Virtual Network is in the same Resource Group as Kyvos,
there is
no additional permission is required for scaling nodes as Azure Managed Identity has Contributor access rights to all resources of the given Resource Group
. If the Resource Group of the Virtual Network is other than Kyvos, custom roles with required permission are needed, as mentioned below in the (Scaling Permissions) table
.
While creating a custom role, add the Resource IDs for the following services in the assignable scope:
Application Gateway
Virtual Network
Network Security Group
Once the custom role is created, it must be assigned to each of the above-listed services.
