Create Azure VM with Azure SDK

Question

Hello Microsoft team I hope you're doing well.

At the moment I'm trying to create VMs with azure SDK I've copied the code then I added the variables In there right place .

Then when I run the code it gives me this error "RestError: The client 'XX' with object id 'XX' does not have authorization to perform action 'Microsoft.Resources/subscriptions/resourcegroups/write' over scope '/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/diberry-testrg6261' or the scope is invalid. If access was recently granted, please refresh your credentials."

I searched a lot for a solution, and I found that there is a problem in the permission but I don't know which one I should use for my issue between all of that permissions

I hope you can help me solve this problem

Thanks for your time.

Answer 1

Hello, @cloud VM !

How do I authenticate while using an Azure SDK to create a VM? I'm running into an authorization/scope is invalid error.

Specific guidance will depend on which of the Azure SDKs you are using but this is due to a missing step in authentication configuration (usually in the IAM stage). Each has specific authentication documentation which will go through the steps required:

• .NET: How to authenticate .NET apps to Azure services using the .NET Azure SDK
• Java: Azure authentication with Java and Azure Identity
• JavaScript/TypeScript: Getting started with user authentication on Azure
• Python: Authenticate Python apps to Azure services by using the Azure SDK for Python

With most of the initial SDKs outside of JavaScript, you can use either a service principal or your credentials (as long as you are already signed into one of the supported IDEs or CLIs) as covered with these .NET examples:

• Authenticate NET apps to Azure services during local development using service principals
• Authenticate .NET apps to Azure services during local development using developer accounts

For JavaScript/TypeScript, you'll want to go through the getting started documentation for authentication which will cover:

https://learn.microsoft.com/en-us/azure/developer/javascript/how-to/with-authentication/getting-started?view=azure-node-latest&tabs=no-code%2Cno-code-credential

• Create an app registration
• Collect app registration information for MSAL integration
• Find an MSAL sample for your scenario
• Integration with DefaultAzureCredential

I hope this helps!