attach cluster uami to node subnet

main.tf

@@ -48,6 +48,18 @@ resource "azurerm_role_assignment" "network_contributor_on_resource_group" {
   role_definition_name = "Network Contributor"
 }
 
+resource "azurerm_role_assignment" "virtual_machine_contributor_on_resource_group" {
+  principal_id         = data.azurerm_user_assigned_identity.cluster_identity.principal_id
+  scope                = data.azurerm_resource_group.this.id
+  role_definition_name = "Virtual Machine Contributor"
+}
+
+resource "azurerm_role_assignment" "network_contributor_on_node_subnet" {
+  principal_id         = data.azurerm_user_assigned_identity.cluster_identity.principal_id
+  scope                = var.network.node_subnet_id
+  role_definition_name = "Network Contributor"
+}
+
 resource "azurerm_kubernetes_cluster" "this" {
   location                          = var.location
   name                              = "aks-${var.name}"