![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 44%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,845 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 10%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)
Hello Sidney Bastos,
Thank you for posting your query here!
I understand that you're trying to add a virtual network (VNet) from one subscription to a storage account in another subscription. While doing this, you're getting an error that says you don't have the necessary permission to complete the action.
Please ensure that the service principal or user has the necessary permissions on the virtual network in the other subscription. Specifically, they need the ‘Microsoft.Network/virtualNetworks/subnets/join/action permission’. This is typically included in the Network Contributor role.
Since you mentioned you are the Owner of the subscription, necessary permissions to configure networking settings on the storage account should already be covered.
If you’ve recently granted permissions or made changes, try refreshing your credentials by signing out and signing back in to the Azure portal. Sometimes, cached credentials can cause issues.
Also, a similar issue is discussed in the Answer section of the following SO thread: https://stackoverflow.com/questions/54155808/the-client-with-object-id-does-not-have-authorization-to-perform-action-taggedtr
Further reference: https://stackoverflow.com/questions/66949703/whitelisting-cross-tenant-subnet-in-storage-account-firewall-in-azure
If these steps do not help, please let us know and we will need to investigate the issue further from our end.
Do let us know if you have any further queries. I’m happy to assist you further.
Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.