@@ -579,6 +579,38 @@ try {
579579
580580 # 2.Connect to AKS cluster
581581 try {
582+ Write-Host " Checking if user already has AKS Cluster Admin role..." - ForegroundColor Cyan
583+ # -----------------------------------------
584+ # Check and assign AKS RBAC Cluster Admin role
585+ # -----------------------------------------
586+
587+ $subscriptionId = (az account show -- query id - o tsv)
588+ $resourceGroup = $deploymentResult.ResourceGroupName
589+ $aksName = $deploymentResult.AksName
590+
591+ # Get current signed-in user
592+ $currentUser = az ad signed- in- user show -- query id - o tsv
593+
594+ # Get AKS resource ID
595+ $aksResourceId = az aks show -- resource- group $resourceGroup -- name $aksName -- subscription $subscriptionId -- query id - o tsv
596+
597+ # Check if role already assigned
598+ $roleCheck = az role assignment list `
599+ -- assignee $currentUser `
600+ -- role " Azure Kubernetes Service RBAC Cluster Admin" `
601+ -- scope $aksResourceId `
602+ -- query " [].id" - o tsv
603+
604+ if (-not $roleCheck ) {
605+ Write-Host " Assigning 'Azure Kubernetes Service RBAC Cluster Admin' role to current user..."
606+ az role assignment create `
607+ -- assignee $currentUser `
608+ -- role " Azure Kubernetes Service RBAC Cluster Admin" `
609+ -- scope $aksResourceId | Out-Null
610+ Write-Host " Role assignment complete."
611+ } else {
612+ Write-Host " User already has 'Azure Kubernetes Service RBAC Cluster Admin' role."
613+ }
582614 Write-Host " Connecting to AKS cluster..." - ForegroundColor Cyan
583615 az aks get-credentials -- resource- group $deploymentResult.ResourceGroupName -- name $deploymentResult.AksName -- overwrite- existing
584616 Write-Host " Connected to AKS cluster." - ForegroundColor Green
0 commit comments