role def update

pkg/util/azureclient/mgmt/authorization/roledefinitions_addons.go

@@ -33,5 +33,5 @@ func (c *roleDefinitionsClient) List(ctx context.Context, scope string, filter s
 }
 
 func (c *roleDefinitionsClient) CreateOrUpdate(ctx context.Context, scope string, roleDefinitionID string, roleDefinition mgmtauthorization.RoleDefinition) (mgmtauthorization.RoleDefinition, error){
-	return c.CreateOrUpdate(ctx, scope, roleDefinitionID, roleDefinition)
+	return c.RoleDefinitionsClient.CreateOrUpdate(ctx, scope, roleDefinitionID, roleDefinition)	
 }

pkg/util/cluster/cluster.go

@@ -417,8 +417,19 @@ func (c *Cluster) SetupWorkloadIdentity(ctx context.Context, vnetResourceGroup s
 }
 
 func (c *Cluster) workaroundDiskCsiPermissions(ctx context.Context, diskCsiDriverPrincipalID *string) error {
-	workaroundRole, err := c.roledefinitions.CreateOrUpdate(ctx, fmt.Sprintf("/subscriptions/%s", c.Config.SubscriptionID), diskCsiRoleName, mgmtauthorization.RoleDefinition{
-		Name: to.StringPtr(diskCsiRoleName),
+	allRoledefs, err := c.roledefinitions.List(ctx, fmt.Sprintf("/subscriptions/%s", c.Config.SubscriptionID), "")
+	if err != nil {
+		return fmt.Errorf("Error getting existing roles: %w", err)
+	}
+
+	roleID := uuid.DefaultGenerator.Generate()
+	for _, rd := range allRoledefs {
+		if *rd.RoleName == diskCsiRoleName {
+			roleID = *rd.Name
+		}
+	}
+
+	workaroundRole, err := c.roledefinitions.CreateOrUpdate(ctx, fmt.Sprintf("/subscriptions/%s", c.Config.SubscriptionID), roleID, mgmtauthorization.RoleDefinition{
 		RoleDefinitionProperties: &mgmtauthorization.RoleDefinitionProperties{
 			RoleName:    to.StringPtr(diskCsiRoleName),
 			Description: to.StringPtr("Tmp disk csi role"),
@@ -431,7 +442,7 @@ func (c *Cluster) workaroundDiskCsiPermissions(ctx context.Context, diskCsiDrive
 		},
 	})
 	if err != nil {
-		return fmt.Errorf("Error creating workaround role: %w", err)
+		return fmt.Errorf("Error creating/updating workaround role: %w", err)
 	}
 	_, err = c.roleassignments.Create(
 		ctx,