Versions Compared

Old Version 5

changes.mady.by.user Sarabjeet Kaur

Saved on

compared with

New Version Current

changes.mady.by.user Sarabjeet Kaur

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This section lists the permissions required for supporting scaling of individual functionality (i.e. increase or decrease of nodes and disk). By default, these permissions don’t exist in the created role if the role is not created by enabling scaling permissions (scaling aware manner). Thus in each such environment where scaling is not enabled (either for complete scaling or for specific scaling functionality) at any time earlier than before the need to use that functionality, the role must include the permissions required for using that functionality.

Panel
panelIconIdatlassian-note
panelIcon:note:
bgColor#DEEBFF

Note

  • The role permissions may not update instantly. Changes may take 2-5 minutes to sync and apply.

  • For Azure:

    • If the Resource Group of the Virtual Network is other than Kyvos, you must add custom roles with the required permissions, as mentioned below in the (Scaling Permissions) table. If Virtual Network is in the same Resource Group as Kyvos, no additional permission is required for scaling nodes as Azure Managed Identity has Contributor access rights to all resources of the given Resource Group.

    • While creating a custom role, add the Resource IDs for the following services in the assignable scope:

      • Application Gateway

      • Virtual Network

      • Network Security Group

    • Once the custom role is created, it must be assigned to each of the above-listed services.

    • No permission is required for Query Engine disk scaling.

...