While deploying hub and spoke architecture on Azure facing problem while creating azure policy in network manager

Question

The error is:

Creating Azure Policy Definition 'VNetAZPolicy' in network group 'myNetworkGroupB' failed for scope '/subscriptions/d28de36d-8cb0-4da7-b1ae-b4beaa86b4aa'. Error:'The client with object id '921743ea-b50a-4a64-b2d4-4af3e7d48605' does not have permission to perform action(s) 'Microsoft.Network/networkManagers/networkGroups/join/action'

The link I was following:

[https://learn.microsoft.com/en-us/azure/virtual-network-manager/tutorial-create-secured-hub-and-spoke

Note: I stuck at steps '6' to '8' under the heading "Create a dynamic network group"

Answer 1

@Chitresh Mathur

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

I understand that you are facing permission issues with creating a Dynamic Network Group.

It appears that you do not have the required permissions as listed below,

Refer : [https://learn.microsoft.com/en-us/azure/virtual-network-manager/concept-azure-policy-integration#required-permissions

Make sure you have the required permissions and try again.

Please let me know if this helps or you require further assistance on this.

Cheers,

Kapil