azure.core.exceptions.ResourceNotFoundError: (MissingSubscription) The request did not have a subscription or a valid tenant level resource provider.

Question

Azure Support Team,

Requirement: To create a custom RBAC role using Python(3.12)

Code is pasted below:

On executing the code getting the following error
azure.core.exceptions.ResourceNotFoundError: (MissingSubscription) The request did not have a subscription or a valid tenant level resource provider.

Code: MissingSubscription

Message: The request did not have a subscription or a valid tenant level resource provider.

Please note I am running this code with the required privileges(Owner account) & when I run az account show, I am able to see the subscription id, tenant id,everything.

Based on previous slutions, tried using subscriptions instead of subscription, also tried using double slash/single slash, but nothing is working in my case.

Please provide a solution for the same.

from azure.identity import DefaultAzureCredential
from azure.mgmt.authorization import AuthorizationManagementClient
from azure.mgmt.authorization.models import RoleDefinition
from azure.mgmt.resource import ResourceManagementClient


def create_custom_rbac_role(subscription_id, resource_group_name, role_definition_name, role_definition_id,
                            assignable_scopes, permissions, description):
    # Initialize Azure credentials
    credentials = DefaultAzureCredential()

    # Initialize Resource Management client
    resource_client = ResourceManagementClient(credentials, subscription_id)

    # Initialize Authorization Management client
    authorization_client = AuthorizationManagementClient(credentials, subscription_id)

    # Create custom role definition
    role_definition = RoleDefinition(
        assignable_scopes=assignable_scopes,
        permissions=permissions,
        description=description,
        role_name=role_definition_name
    )

    # Create or update role definition
    authorization_client.role_definitions.create_or_update(resource_group_name, role_definition_id, role_definition)

    print("Custom RBAC role created successfully.")


# Example usage:
subscription_id = 'your-subscription-id'
resource_group_name = 'your-resource-group'
role_definition_name = 'CustomRoleName'
role_definition_id = f"/subscriptions/{subscription_id}/providers/Microsoft.Authorization/roleDefinitions/{role_definition_name}"
assignable_scopes = ['/subscriptions/{subscription_id}']
permissions = [
    {
        "actions": ["Microsoft.Storage/storageAccounts/listKeys/action"],
        "notActions": [],
        "dataActions": [],
        "notDataActions": []
    }
]
description = 'Custom role for accessing user storage account'

create_custom_rbac_role(subscription_id, resource_group_name, role_definition_name, role_definition_id,
                        assignable_scopes, permissions, description)

Answer 1

Hi @Anup Deshpande

Thank you for your post!
It looks like you are encountering the error "azure.core.exceptions.ResourceNotFoundError: (MissingSubscription) The request did not have a subscription or a valid tenant level resource provider" while trying to create a custom RBAC role using Python.

Could you please refer the below posts which has similar issue which might help you
https://learn.microsoft.com/en-us/answers/questions/1486303/the-request-did-not-have-a-subscription-or-a-valid

https://learn.microsoft.com/en-us/answers/questions/531778/the-request-did-not-have-a-subscription-or-a-valid

https://learn.microsoft.com/en-us/answers/questions/1360676/the-request-did-not-have-a-subscription-or-a-valid
Do let us know if you any further queries.
Hope this helps. Do let us know if you any further queries.

Thanks,

Akhilesh.

---

If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.