Error when running Azure IoT Ops quickstart guide

Question

I am following the instructions on the Azure IoT Ops Quickstart guide on Microsoft Learn: https://learn.microsoft.com/en-us/azure/iot-operations/get-started/quickstart-deploy. However, I am encountering an error when running this command:

az iot ops init --simulate-plc --cluster $CLUSTER_NAME --resource-group $RESOURCE_GROUP --kv-id $(az keyvault show --name ${CLUSTER_NAME:0:24} -o tsv --query id)

Full output:

$ az iot ops init --simulate-plc --cluster $CLUSTER_NAME --resource-group $RESOURCE_GROUP --kv-id $(az keyvault show --name ${CLUSTER_NAME:0:24} -o tsv --query id)
Command group 'iot ops' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
                                                                                                                                                                                                    
Azure IoT Operations init                                                                                                                                                                           
Workflow Id: <workflow_id>                                                                                                                                                       
                                                                                                                                                                                                    
   Pre-Flight                                                                                                                                                                                       
     ✔ Ensure registered IoT Ops resource providers                                                                                                                                                 
     ✔ Enumerate pre-flight checks                                                                                                                                                                  
     ✔ Verify What-If deployment                                                                                                                                                                    
-> Key Vault CSI Driver                                                                                                                                                                             
     ✔ Verify Key Vault '<key_vault_name>' permission model                                                                                                                                 
     * To create app                                                                                                                                                                                
     - Configure access policy                                                                                                                                                                      
     - Ensure default SPC secret name 'azure-iot-operations'                                                                                                                                        
     - Test SP access                                                                                                                                                                               
     - Deploy driver to cluster 'v1.5.2'                                                                                                                                                            
     - Configure driver                                                                                                                                                                             
   TLS                                                                                                                                                                                              
     - Generate test CA using 'secp256r1' valid for '365' days                                                                                                                                      
     - Configure cluster for tls                                                                                                                                                                    
   Deploy IoT Operations - v0.5.0-preview                                                                                                                                                           
                                                                                                                                                                                                    
⠇ DONE! ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━   Elapsed: 0:00:40                                                                                                                                 
                                                                                                                                                                                                    
Forbidden({"error":{"code":"Authorization_RequestDenied","message":"Insufficient privileges to complete the operation.","innerError":{"date":"2024-05-21T08:03:55","request-id":"<request_id>","client-request-id":"<client_request_id>"}}})

Unsure how to proceed. Any advice?

Answer 1

Turned out to be a problem with permissions on the subscription. I did not have enough permissions to run this command. I suspect you need Owner.