Hi Mahesh Patil,

The lack of cluster-admin privileges is hard to accept, as there is unquestionably no way to configure an EFK/ELK stack for your apps in ARO 3.11. However, Prometheus/Grafana is possible to set up.

Which type of compute nodes do you lack with ARO? I’m pretty sure there are not plenty of choices, yet you can select Memory, CPU or even GPU optimized VMSS.

With ARO3.11 we are locked to one IdentityProvider, Azure AD. There’s a possibility to link On-Prem ActiveDirectory to AzureAD, using AD-Connect.

Finally, I suggest creating one AzureAD-Group for your users and then assign the same group to the cluster instances you’re willing to provide ClusterAdmin access using RBAC roles later on. (Azure AD provides only with Auth and not AuthZ).

ARO 4.3 will make you dream ;) I promise.