Only owner has quotas in azure open AI service

Question

Only owner has quotas in azure open AI service

Ritvik 50

I have created an Azure open AI instance. I have provided the user with all the permissions related to cognitive services, cognitive search and microsoft search on the subscription level. Just to make sure that I am not missing out on anything I have provided Cognitive Services OpenAI Contributor role as well to the user. The user is able to see the open AI service and see the Deployments in OpenAI Studio. However when they try to create a new deployment the see quota limit errors. If I provide them with owner access, they are able to do it, but I want to restrict their access. Can anyone please help me out with what permissions do I need to provide in order to provide the access.

Thanks

Rani Mysore Guruswamy (MS/EMP-PS-PJ-MB) 5 Reputation points

2023-07-03T05:23:50.0733333+00:00

I too face the same issue. What is the solution for this?
AshokPeddakotla-MSFT 35,971 Reputation points Moderator

2023-07-03T05:54:30.9966667+00:00

Ritvik & Rani Mysore Guruswamy (MS/EMP-PS-PJ-MB) Greetings!

I understand that you are an account owner. OpenAI Contributor role should be sufficient permissions to deploy OpenAI models.As per the error message, Quota This issue can occur if the user has reached the quota limit for the Azure OpenAI resource.

To resolve this issue, you can try increasing the quota limit for the Azure OpenAI resource.

Quota increase requests can be submitted from the Quotas page of Azure OpenAI Studio. Please note that due to overwhelming demand, we are not currently approving new quota increase requests. Your request will be queued until it can be filled at a later time.

For other rate limits, please submit a service request.

See Manage Azure OpenAI Service quota for more details.

Ritvik

If I provide them with owner access, they are able to do it, but I want to restrict their access. Can anyone please help me out with what permissions do I need to provide in order to provide the access.

Please see How to configure Azure OpenAI Service with managed identities

Hope this helps. Do let us know if you need further help.
Rani Mysore Guruswamy (MS/EMP-PS-PJ-MB) 5 Reputation points

2023-07-03T06:00:26.1233333+00:00

Hi AshokPeddakotla-MSFT

Actually this is the first time we created the account to deploy the model. We have not deployed any model till now. So we have never utilized the quota. We thought may be we need increase quota and last Friday requested for the same. Support team said quota request is received and still no quota increase. Please support as this is blocking our project activity. The TPM limit setting is deactivated as shown below.

When you say account owner, you mean Azure subscription or OpenAI account?

Regards

Rani
Jagadish Gona 5 Reputation points

2023-07-03T06:29:44.42+00:00

Hello AshokPeddakotla-MSFT ,

I have same issue of Rani , The Default quote is empty. Do we need to have Azure account owner roles.. any IAM roles specific to Azure Open AI.

Also i have only read deployment access in IAM roles for the cognitive OpenAI Services for the contributor role.

Also i have only read deployment access in IAM roles for the cognitive OpenAI Services for the contributor role.
54027622 26 Reputation points

2023-07-03T08:20:54.3+00:00

I have created a new question, but it may be about the same phenomenon.

https://learn.microsoft.com/en-us/answers/questions/1323385/error-encountered-while-deploying-model-in-azure-o

When the phenomenon occurs, are you experiencing a successful request to Microsoft.CognitiveServices/locations/eastus/usages? Or is it returning an HTTP status 502?

You can check this using the browser's developer tool, the Network tab in F12.
Jagadish Gona 5 Reputation points

2023-07-03T08:35:33.4733333+00:00

I have encountered 502 error when i check using developer tool , Network tab. Please find below screen shot
54027622 26 Reputation points

2023-07-03T09:06:52.82+00:00

Thank you for confirming, Jagadish Gona.

It seems we are facing the same issue. Unfortunately, I don't have a solution either. If anyone has any ideas, please let us know.

Thank you in advance.
54027622 26 Reputation points

2023-07-03T09:09:25.34+00:00

Thank you for confirming, Jagadish Gona.
54027622 26 Reputation points

2023-07-04T05:49:18.7133333+00:00

We were able to deploy it with the assistance of someone with owner permissions.

For now, we will operate it using this setup.
Vince Kolb 195 Reputation points

2023-07-13T14:20:07.91+00:00

I too have the same issue and we have determined that only the "owner" of the Azure Subscription can see Quotas and create Deployments. even though I have seen other support answers say that Contributor role with "write" permissions at the Resource Group level should suffice, but it doesn't.

Has anyone gotten a reliable solution to this from support?
Carlos Omar Toscano Sosa 90 Reputation points

2023-07-13T18:28:14.4633333+00:00

Hello @Vince Kolb , maybe you could try the steps in my last answer, wait a several minutes to propagate the permissions and test.

Accepted answer

0 additional answers

Your answer

Rani Mysore Guruswamy (MS/EMP-PS-PJ-MB) 5 Reputation points

2023-07-03T05:23:50.0733333+00:00

I too face the same issue. What is the solution for this?
AshokPeddakotla-MSFT 35,971 Reputation points Moderator

2023-07-03T05:54:30.9966667+00:00

Ritvik & Rani Mysore Guruswamy (MS/EMP-PS-PJ-MB) Greetings!

I understand that you are an account owner. OpenAI Contributor role should be sufficient permissions to deploy OpenAI models.As per the error message, Quota This issue can occur if the user has reached the quota limit for the Azure OpenAI resource.

To resolve this issue, you can try increasing the quota limit for the Azure OpenAI resource.

Quota increase requests can be submitted from the Quotas page of Azure OpenAI Studio. Please note that due to overwhelming demand, we are not currently approving new quota increase requests. Your request will be queued until it can be filled at a later time.

For other rate limits, please submit a service request.

See Manage Azure OpenAI Service quota for more details.

Ritvik

If I provide them with owner access, they are able to do it, but I want to restrict their access. Can anyone please help me out with what permissions do I need to provide in order to provide the access.

Please see How to configure Azure OpenAI Service with managed identities

Hope this helps. Do let us know if you need further help.
Rani Mysore Guruswamy (MS/EMP-PS-PJ-MB) 5 Reputation points

2023-07-03T06:00:26.1233333+00:00

Hi AshokPeddakotla-MSFT

Actually this is the first time we created the account to deploy the model. We have not deployed any model till now. So we have never utilized the quota. We thought may be we need increase quota and last Friday requested for the same. Support team said quota request is received and still no quota increase. Please support as this is blocking our project activity. The TPM limit setting is deactivated as shown below.

When you say account owner, you mean Azure subscription or OpenAI account?

Regards

Rani
Jagadish Gona 5 Reputation points

2023-07-03T06:29:44.42+00:00

Hello AshokPeddakotla-MSFT ,

I have same issue of Rani , The Default quote is empty. Do we need to have Azure account owner roles.. any IAM roles specific to Azure Open AI.

Also i have only read deployment access in IAM roles for the cognitive OpenAI Services for the contributor role.

Also i have only read deployment access in IAM roles for the cognitive OpenAI Services for the contributor role.
54027622 26 Reputation points

2023-07-03T08:20:54.3+00:00

I have created a new question, but it may be about the same phenomenon.

https://learn.microsoft.com/en-us/answers/questions/1323385/error-encountered-while-deploying-model-in-azure-o

When the phenomenon occurs, are you experiencing a successful request to Microsoft.CognitiveServices/locations/eastus/usages? Or is it returning an HTTP status 502?

You can check this using the browser's developer tool, the Network tab in F12.
Jagadish Gona 5 Reputation points

2023-07-03T08:35:33.4733333+00:00

I have encountered 502 error when i check using developer tool , Network tab. Please find below screen shot
54027622 26 Reputation points

2023-07-03T09:06:52.82+00:00

Thank you for confirming, Jagadish Gona.

It seems we are facing the same issue. Unfortunately, I don't have a solution either. If anyone has any ideas, please let us know.

Thank you in advance.
54027622 26 Reputation points

2023-07-03T09:09:25.34+00:00

Thank you for confirming, Jagadish Gona.
54027622 26 Reputation points

2023-07-04T05:49:18.7133333+00:00

We were able to deploy it with the assistance of someone with owner permissions.

For now, we will operate it using this setup.
Vince Kolb 195 Reputation points

2023-07-13T14:20:07.91+00:00

I too have the same issue and we have determined that only the "owner" of the Azure Subscription can see Quotas and create Deployments. even though I have seen other support answers say that Contributor role with "write" permissions at the Resource Group level should suffice, but it doesn't.

Has anyone gotten a reliable solution to this from support?
Carlos Omar Toscano Sosa 90 Reputation points

2023-07-13T18:28:14.4633333+00:00

Hello @Vince Kolb , maybe you could try the steps in my last answer, wait a several minutes to propagate the permissions and test.

Answer 1

Carlos Omar Toscano Sosa 90

Hello everyone, I was looking into this for a few hours, and checking out the 502 error, I realized that is trying to get information from the parent subscription. We know that giving just access need it at RG level works nice, but looks that this information comes from the subscription and needs an access from there.

Just create a CustomRole with this permission:

Microsoft.CognitiveServices

Read all usages data

Assign it at subscription level to the user

Also be sure to assign any of the needed contributor roles at RG level, for example:

Cognitive Services Contributor
Cognitive Services OpenAI Contributor

Only with these permissions should work, and lets the No Owner User create a new deployment, this works fine for me.

Regards.

Vince Kolb 195 Reputation points

2023-07-13T19:39:43.5433333+00:00

@Carlos Omar Toscano Sosa your work around now allows me to see my quota info, which now is allow model selection for deployment creation. Thanks!
Vince Kolb 195 Reputation points

2023-07-21T11:53:55.3733333+00:00

this solution works and I have shared it on other similar posts. Thanks @Carlos Omar Toscano Sosa
Carlos Omar Toscano Sosa 90 Reputation points

2023-07-21T16:44:50.06+00:00

Hello @Vince Kolb , Am glad to know that. thank you for the update.

Regards.

Share via

Only owner has quotas in azure open AI service

0 additional answers

Your answer