Authorization failed when when writing a roleAssignment
I'm receiving the following error when trying to create a role assignment using terraform: Error: authorization.RoleAssignmentsClient#Create: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error.…
Get-AzWvdSessionHost gives error: Cannot bind argument to parameter 'SubscriptionId' because it is null.
Hi! I am getting an error, if I am tring to run the Get-AzWvdSessionHost command from a Powershell script. The error is: Cannot bind argument to parameter 'SubscriptionId' because it is null. If i am connecting in interactive mode, using…
Issue Capturing VM fortigate as an image
Hello i am trying to Capture an vm of fortigate as an image and it doesnt work does azure support capturing nva machines as an image? if no is there another way to save nva as an image ?
Azure Service Principal owner cannot reset credentials with az cli
Hello, as an Azure subscription admin I created a service principal and granted another user as Owner of the SP itself. This user is trying to reset SP credentials with command az ad sp credential reset --id <application id> but he gets the…
Azure Management Group - Cannot add subscription if Owner via Security Group
I'm building an Azure Management Group structure where I'm having issues with the add subscription option to a sub-management group where the option is grayed out when Owner role is assigned via and AAD Security group. So in short, does Azure Management…
Azure RBAC and AKS not working as expected
Hello, I have create an AKS Cluster with AKS-managed Azure Active Directory and Role-based access control (RBAC) Enabled. If I try to connect with the Cluster by using one of the accounts which are included in the Admin Azure AD groups…
Azure PIM for global reader role - No resources to discover
Hi everyone, I'm currently testing Azure PIM to delegate read permissions to our Azure tenant. I've assigned with PIM the "Global reader" role for a test account, which has validated the access. The scope defined is…
Azure - Failed to delete public IP address The client 'XXX@XXXX.com' with object id XYZ does not have authorization to perform action 'Microsoft.Network/publicIPAddresses/delete' over scope 'XYZ'
User is global administrator. Cannot delete resources in the tenancy. Any idea why? Failed to delete public IP address 'XYZ'. Error: The client 'Tech.XYZ@Anonymous .com' with object id 'XYZ' does not have authorization to perform action…
How to get assigned RBAC roles in a resource group which has only apps and managed identities as owners and administrators?
I want myself to have Managed Identity Contributor role in an azure resource, but I cant find the admin or owner. Only managed identities and apps are listed as owners and administrators. Whom to ask for role assignment?
Azure Subscription showing Owner role identity not found.
Hello, I am facing a strange issue. When I am checking my Azure Subscription, Access control (IAM) - The owner role is showing - Identity not found, Unable to find identity. Here is the screenshot. Can you help? Thanks, Anuraj
How to grant end user Reader access to Entra Permission Management Portal
I want to test Entra Prmission Management. I enabled 30-days Free trial. As I am Global Admin, I can launch the portal and can see Discovery and Remediation. But I want to grant access to my team who can login to Entra Permission Management Portal and…
From Azure AD Registered To Azure AD Joined
My organization has 500+ Azure AD registered devices(Remote Too). Now we want to mange these devices with Intune and want to convert these devices from Azure AD registered to Azure AD joined. What is the best way to do the same?
RBAC - Which Role type would give admins to create email alias in "Microsoft 365" group?
Which Role type would give admins to create email alias in "Microsoft 365" group? I have tried exchange admin and group admin but still no luck for Microsoft 365 groups?
Azure Subscription: The client 'live.com#' with object id '' does not have authorization to perform action
When I try to open my azure subscription I get the following Info: The client 'live.com#' with object id '' does not have authorization to perform action
How to access virtual machines on my network
My place have added me to the work network on Azure however when i login it says i don't have a subscription, so i can't see any of the virtual machines or anything like that, all i can see is the Azure active directory and manage the users in there. I…
Azure VM & AAD of another tenancy
One of my C-Suite has asked/instructed for something to be done which I'm not sure is possible and I'm looking for some confirmation. VM-1 is in Tenancy Alpha, with AAD alpha.com C-Suite wants VM-1 to remain in Tenancy Alpha but be connected to…
Azure deny access role
Hi.. How i can prevent some user to access some resource in azure? Example i want to block some user from accessing cost management dashboard..
Change Azure AD Role Settings using Powershell
Hi I have been asked by a client to change all the role settings for their PIM requirements. I have been looking at this for a while trying to figure out whether this can be updated in bulk using PowerShell but I have not found anything as yet. …
Unable to assign group to configuration profile policy create in Microsoft Endpoint Manager
Hello, I can create Configuration profile but unable to include group of a test device group. I was able to include the group during the creation, but after review+save, the configuration profile was successfully created but after I check back in the…
If a user is granted reader role on subscription level, but I want to remove his readre role for a particular resource group under this subscription
if a user is granted owner role on subscription level, but I want to remove his owner role for a particular resource group under this subscription. I understand this can be achieved by deny assignment. Therefore wants to know how to create blueprint for…