Merge pull request #8952 from axelgMS/patch-14

AmandaAZ · web-flow · commit 244e22387ab9 · 2025-05-27T14:19:43.000+08:00
AB#5908: Update error-code-customprivatednszonemissingpermissionerror.md
diff --git a/support/azure/azure-kubernetes/create-upgrade-delete/error-code-customprivatednszonemissingpermissionerror.md b/support/azure/azure-kubernetes/create-upgrade-delete/error-code-customprivatednszonemissingpermissionerror.md
@@ -1,7 +1,7 @@
 ---
 title: CustomPrivateDNSZoneMissingPermissionError error code
 description: Learn how to fix the CustomPrivateDNSZoneMissingPermissionError error that occurs when you try to create or update an Azure Kubernetes Service (AKS) cluster.
-ms.date: 11/28/2023
+ms.date: 05/27/2025
 author: jotavar
 ms.author: jotavar
 editor: v-jsitser
@@ -28,7 +28,11 @@ An AKS cluster create or update operation fails and returns the following error
 
 ## Cause
 
-Before AKS runs a cluster create or update operation for a private cluster that uses a [custom private DNS zone](/azure/aks/private-clusters#configure-a-private-dns-zone), it checks whether the cluster's managed identity or service principal has the required permissions to control the private DNS zone. If AKS doesn't find the necessary permissions, it blocks the operation so that the cluster doesn't enter a failed state.
+Before AKS runs a cluster create or update operation for a private cluster that uses a [custom private DNS zone](/azure/aks/private-clusters#configure-a-private-dns-zone), it checks whether the cluster's managed identity or service principal has the required permissions to control the private DNS zone. If AKS can't find the necessary permissions in cases like the following ones, it blocks the operation so that the cluster doesn't enter a failed state:
+
+- The managed identity or service principal has been deleted.
+- The managed identity or service principal has been re-created with the same name.
+- An incorrect managed identity is passed.
 
 ## Solution
 
