You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -4,13 +4,13 @@ This article demonstrates the process of utilizing blobfuse mount with either a
> make sure the managed identity used by CSI driver is bound to the agent node pool.
## Before you begin
- Make sure the managed identity has `Storage Blob Data Owner` role to the storage account
> here is an example that uses Azure CLI commands to assign the `Storage Blob Data Owner` role to the managed identity for the storage account. If the storage account is created by the driver(dynamic provisioning), then you need to grant `Storage Blob Data Owner` role to the resource group where the storage account is located
- Make sure the managed identity has `Storage Blob Data Contributor` role to the storage account
> here is an example that uses Azure CLI commands to assign the `Storage Blob Data Contributor` role to the managed identity for the storage account. If the storage account is created by the driver(dynamic provisioning), then you need to grant `Storage Blob Data Contributor` role to the resource group where the storage account is located
az role assignment create --assignee-object-id "$mid" --role "Storage Blob Data Owner" --scope "$said"
az role assignment create --assignee-object-id "$mid" --role "Storage Blob Data Contributor" --scope "$said"
```
- Retrieve the clientID for `AzureStorageIdentityClientID`. If you are using kubelet identity, the identity will be named {aks-cluster-name}-agentpool and located in the node resource group.
