Cisco vManage not able to connect to Azure

Jatinder sharma 1 Reputation point
2022-02-28T20:04:01.057+00:00

Invalid Cloud/Interconnect account credentials: Azure Error: AuthorizationFailed Message: The client '10684446-6765-49ea-ae13-704cc1846a44' with object id '10684446-6765-49ea-ae13-704cc1846a44' does not have authorization to perform action 'Microsoft.Resources/subscriptions/read' over scope '/subscriptions/83d2418c-adfc-47c1-b00d-ce3ababd7e35' or the scope is invalid. If access was recently granted, please refresh your credentials.

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
662 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,428 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. JamesTran-MSFT 36,361 Reputation points Microsoft Employee
    2022-03-01T23:43:30.56+00:00

    @Jatinder sharma
    Thank you for your post!

    From the error message, can you make sure the client that you're using 704cc1846a44, has the correct permissions over your subscription ce3ababd7e35?

    1) You can check by navigating to the Azure Portal.
    2) Navigate to Subscriptions
    3) Select Access Control (IAM) -> Role Assignments
    4) Make sure that the client you're using has the correct permissions:

    The Microsoft.Resources/subscriptions/read action can be found under the following roles. For more info.
    Azure Kubernetes Service RBAC Admin
    Azure Kubernetes Service RBAC Cluster Admin
    Azure Kubernetes Service RBAC Reader
    Azure Kubernetes Service RBAC Writer

    179024-image.png

    If you have any other questions or if this doesn't resolve your issue, please let me know.
    Thank you for your time and patience throughout this issue.

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.