Share via

Issues with App Services setting up memory dump

Jeff Fazio 36 Reputation points
2024-07-23T17:32:53.01+00:00

We are running into an issue where some people are having an issue being able to select the storage account so they can run memory dump on the App Service

I created a group, added the user and added it to every role that the error keeps coming up on the storage account. One odd thing is the user is already in a group that has contributor access at the subscription level which is inherited.

Here are a couple of the errors
Encountered error while adding role 'Storage Table Data Contributor' on 'v10prodeastus'. Code:AuthorizationFailed. does not have authorization to perform action 'Microsoft.Authorization/roleAssignments/write' over scope '/subscription

Encountered error while adding role 'Storage Blob Data Contributor' on 'v10prodeastus'. Code:AuthorizationFailed. does not have authorization to perform action 'Microsoft.Authorization/roleAssignments/write' over scope '/subscription

I am able to change the storage accounts without any issue but I am also an owner. I assume I am missing something somewhere but I don't know where.

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,890 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sina Salam 11,916 Reputation points
    2024-07-23T20:04:07.64+00:00

    Hello Jeff Fazio,

    Welcome to the Microsoft Q&A and thank you for posting your questions here.

    Problem

    I understand that you are having issue to set up App Services for memory dump.

    Solution

    The issue you're facing it's all about authorization issues when trying to assign roles to a storage account. For more details and how to get to the bottom of the issue.

    • Enable diagnostic logs for Azure AD and Azure RBAC. and let's review the logs to identify any specific errors or issues during role assignment.
    • Ensure there are no resource locks preventing role assignments, and try to check if any locks exist at the subscription or resource group level.
    • Try to assigning roles using both the Azure Portal and Azure CLI/PowerShell as well as using different methods can reveal underlying issues.
    • Retry the role assignment after verifying the above points and monitor the Azure Activity Log for any additional error details.

    Accept Answer

    I hope this is helpful! Do not hesitate to let me know if you have any other questions.

    ** Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful ** so that others in the community facing similar issues can easily find the solution.

    Best Regards,

    Sina Salam

    0 comments
  2. Jeff Fazio 36 Reputation points
    2024-07-23T21:09:10.1666667+00:00

    There isn't any errors when adding the user/group. I can see the groups is added to

    Storage Blob Data Contributor
    Storage Table Data Contributor
    Storage Queue Data Contributor

    The Storage Account / App Service isn't locked

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.