Share via

While deploying hub and spoke architecture on Azure facing problem while creating azure policy in network manager

Chitresh Mathur 20 Reputation points
2023-01-23T19:03:35.78+00:00

The error is:

Creating Azure Policy Definition 'VNetAZPolicy' in network group 'myNetworkGroupB' failed for scope '/subscriptions/d28de36d-8cb0-4da7-b1ae-b4beaa86b4aa'. Error:'The client with object id '921743ea-b50a-4a64-b2d4-4af3e7d48605' does not have permission to perform action(s) 'Microsoft.Network/networkManagers/networkGroups/join/action'

The link I was following:

[https://learn.microsoft.com/en-us/azure/virtual-network-manager/tutorial-create-secured-hub-and-spoke

Note: I stuck at steps '6' to '8' under the heading "Create a dynamic network group"

Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,312 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
836 questions
Accepted answer
  1. KapilAnanth-MSFT 41,491 Reputation points Microsoft Employee
    2023-01-24T18:27:13.34+00:00

    @Chitresh Mathur

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    I understand that you are facing permission issues with creating a Dynamic Network Group.

    It appears that you do not have the required permissions as listed below,

    Refer : [https://learn.microsoft.com/en-us/azure/virtual-network-manager/concept-azure-policy-integration#required-permissions

    User's image

    Make sure you have the required permissions and try again.

    Please let me know if this helps or you require further assistance on this.

    Cheers,

    Kapil

    1 person found this answer helpful.
    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest