Move Subscription to Management Group

SujinaSJ-1789 226 Reputation points
2024-03-22T16:08:22.57+00:00

Hi Team,

We have created management groups (have Owner access) and have a few subscriptions with Owner access. When we try to move the subscriptions to the management groups from portal , getting error as below

Add subscription failed. An error occurred. {"code":"BadRequest","message":"Permission to write and delete on resources of type 'Microsoft.Authorization/roleAssignments' is required on the subscription or its ancestors.

Tried using Azure CLI and getting the same error:

Message: Permission to write and delete on resources of type 'Microsoft.Authorization/roleAssignments' is required on the subscription or its ancestors.

Person with Global Admin access also tried the same and getting this error.

As per my understanding Owner access has roleAssignment permission in it. What else need to be completed in-order to move the subscription to management group?

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
654 questions
0 comments No comments
{count} votes

Accepted answer
  1. Marcin Policht 8,260 Reputation points MVP
    2024-03-22T16:57:00.84+00:00

    Have the person with the Global Admin role step through the following procedure first:

    https://learn.microsoft.com/en-us/azure/role-based-access-control/elevate-access-global-admin?tabs=azure-portal

    and then try again


    hth

    Marcin


0 additional answers

Sort by: Most helpful