Share via

Move Subscription to Management Group

SujinaSJ-1789 271 Reputation points
2024-03-22T16:08:22.57+00:00

Hi Team,

We have created management groups (have Owner access) and have a few subscriptions with Owner access. When we try to move the subscriptions to the management groups from portal , getting error as below

Add subscription failed. An error occurred. {"code":"BadRequest","message":"Permission to write and delete on resources of type 'Microsoft.Authorization/roleAssignments' is required on the subscription or its ancestors.

Tried using Azure CLI and getting the same error:

Message: Permission to write and delete on resources of type 'Microsoft.Authorization/roleAssignments' is required on the subscription or its ancestors.

Person with Global Admin access also tried the same and getting this error.

As per my understanding Owner access has roleAssignment permission in it. What else need to be completed in-order to move the subscription to management group?

Azure Role-based access control
Azure Role-based access control

An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.

0 comments

Answer accepted by question author

  1. Marcin Policht 89,325 Reputation points MVP Volunteer Moderator
    2024-03-22T16:57:00.84+00:00

    Have the person with the Global Admin role step through the following procedure first:

    https://learn.microsoft.com/en-us/azure/role-based-access-control/elevate-access-global-admin?tabs=azure-portal

    and then try again

    hth

    Marcin

    Was this answer helpful?

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.