Member of AD group doesn't show same access as AD group

Santhosh Singh (ext) 0 Reputation points
2024-08-22T11:09:04.87+00:00

Azure AD group have Service Principal as a member. and the AD group has been assigned a role of Contributor at Resource Group level. But when I Check Access of the Service Principal on Resource group. It is showing no access.

I was assuming it should show as contributor access. Please correct me if I am wrong.

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
782 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Babafemi Bulugbe 3,620 Reputation points MVP
    2024-08-22T12:08:09.8466667+00:00

    Hello Santhosh Singh (ext),

    Thank you for posting your query in the Microsoft Q&A Community.

    Your assumption that the Service Principal should inherit the "Contributor" role through its membership in an Azure AD group is correct. However, if the access is not showing up as expected, ensure that the correct Service Principal Object ID is used when checking for the assignment.

    Alternately, go to the Resource group and list all the identities with access. If you still can't see the SP, assign a role directly to the Resource Group to check.

    If this still persist after a while, I would advise you raise a Support Ticket for a more closer look.

    Let me know if further assistance is needed.

    Babafemi

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.