I'm trying to deploy to AKS using azure pipeline but I get the below error message:
Failed to set Azure permission 'RoleAssignmentId: 'xxx' for the service principal 'xxx' on subscription ID 'xxx': error code: BadRequest, inner error code: RoleAssignmentUpdateNotPermitted, inner error message Tenant ID, application ID, principal ID, and scope are not allowed to be updated. Ensure that the user has 'Owner' or 'User Access Administrator' permissions on the Subscription.
I have owner role on the subscription. The app registration I use as a service connection also has owner role on the subscription.
I also noticed that the service principal stated In the error message is different from the service principal for the app registration i created. It seems Azure pipeline is creating another SP and I'm not sure why it's doing that and not using the already created one.
I am seeing the same problem and attempted the solution presented. It also did not work for me. I am now seeing this issue in two separate Azure DevOps environments.
It appears another report of this problem is present from 3/6/23: https://learn.microsoft.com/en-us/answers/questions/1186805/azure-pipelines-configuration-error-failed-to-set