* Service events are now added in azure-cloud-provider for easily identify the underground errors of Azure API. ([#68212](https://github.com/kubernetes/kubernetes/pull/68212), [@feiskyer](https://github.com/feiskyer))
* Service events are now added in azure-cloud-provider for easily identify the underground errors of Azure API. ([#68212](https://github.com/kubernetes/kubernetes/pull/68212), [@feiskyer](https://github.com/feiskyer))
* Action required: The following clusterrole and clusterrolebinding should be applied:
* Action required: The following clusterrole and clusterrolebinding should be applied:
* kind: List
```
* apiVersion: v1
kind: List
* items:
apiVersion: v1
* - apiVersion: rbac.authorization.k8s.io/v1
items:
* kind: ClusterRole
- apiVersion: rbac.authorization.k8s.io/v1
* metadata:
kind: ClusterRole
* labels:
metadata:
* kubernetes.io/cluster-service: "true"
labels:
* name: system:azure-cloud-provider
kubernetes.io/cluster-service: "true"
* rules:
name: system:azure-cloud-provider
* - apiGroups: [""]
rules:
* resources: ["events"]
- apiGroups: [""]
* verbs:
resources: ["events"]
* - create
verbs:
* - patch
- create
* - update
- patch
* - apiVersion: rbac.authorization.k8s.io/v1
- update
* kind: ClusterRoleBinding
- apiVersion: rbac.authorization.k8s.io/v1
* metadata:
kind: ClusterRoleBinding
* labels:
metadata:
* kubernetes.io/cluster-service: "true"
labels:
* name: system:azure-cloud-provider
kubernetes.io/cluster-service: "true"
* roleRef:
name: system:azure-cloud-provider
* apiGroup: rbac.authorization.k8s.io
roleRef:
* kind: ClusterRole
apiGroup: rbac.authorization.k8s.io
* name: system:azure-cloud-provider
kind: ClusterRole
* subjects:
name: system:azure-cloud-provider
* - kind: ServiceAccount
subjects:
* name: azure-cloud-provider
- kind: ServiceAccount
* namespace: kube-system
name: azure-cloud-provider
namespace: kube-system
```
* If the clusterrole with same has already been provisioned (e.g. for accessing azurefile secrets), then the above yaml should be merged togather, e.g.
* If the clusterrole with same has already been provisioned (e.g. for accessing azurefile secrets), then the above yaml should be merged togather, e.g.