The accepted answer seems inadequate, because it does not address how to know what **object id: c9e91242-b841-4102-891e-e423a03ea18a)**
actually is, or rather how to assign permissions to it when it is not a regular user.
e.g. I've seen this error, and tried a number of az
commands to find the object id
without success. In my case, at least, it is not the current az login
logged-in user; az account show
gives lots of data about that user, but no match to the object id
GUID in the error. (e.g. az account show | grep 'c9e91242-b841-4102-891e-e423a03ea18a'
would return nothing). Problem with that is, without being able to tell what that object id is, what is the command or azure portal way to assign permissions to it ....
UPDATE
If you get that error, the azure ai client might not be using the identity you expected it to use.
azure.identity has a resolution order and it might be picking up your vm Entra id etc.
You'll want to be secure in your AI calls, so pay attention to what ID the AI calls are using, e.g.
from azure.identity import AzureCliCredential # DefaultAzureCredential
project_client = AIProjectClient.from_connection_string(
credential=AzureCliCredential() # if you intend to use the cli user identity
# credential=DefaultAzureCredential(), # Will pick up vm id first if it exists
conn_str=project_connection_string
)