Share via

Insufficient privileges to complete the operation when trying to create Service Principle

Filip Curin 0 Reputation points
2024-07-16T09:18:58.7233333+00:00

Hi,

I'm trying to create a Service Principle to use Terraform to create and manage my AKS. I'm successfully logged in to Azure CLI and can list all the subscriptions and resources. My issue starts when I'm trying to use the next cli command:

SERVICE_PRINCIPAL_JSON=$(az ad sp create-for-rbac --skip-assignment --name aks-getting-started-sp -o json)

I get a response:

WARNING: Option '--skip-assignment' has been deprecated and will be removed in a future release.

ERROR: Insufficient privileges to complete the operation.

after I removed --skip-assignment and tried again with:

SERVICE_PRINCIPAL_JSON=$(az ad sp create-for-rbac --name aks-getting-started-sp -o json)

I got:

ERROR: Insufficient privileges to complete the operation.

In the documentation, it says next:

User's image

but I have both Owner and User Access Administrator roles on the subscription I'm trying to use:

User's image

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,997 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,241 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Manu Philip 17,671 Reputation points MVP
    2024-07-16T09:48:10.9833333+00:00

    Hi,

    Looks like your user account doesn't have the permission in Azure Active Directory to register applications. You can get it granted by assigning Application Developer Role to your account

    User's image

    Browse to Identity > Enterprise applications > Consent and permissions

    0 comments