Who can share files to people outside your organization
a member of the teams site is not allowed to share a document with a person outside the org. Iam the site owner and can share. Only owners can do that?
All my resources within my resource group just went missing
I'm testing some stuff within my Visual Studio Enterprise subscription and created a resource group with quite a lot of resources (SQL DB, SQL Server, Azure Function app, Application Insights..). However, today I noticed that now all of these resources…
Need Help: IMAP OAuth2 Authentication Issue for Outlook.com
Hey everyone, we're hitting a wall trying to get IMAP access for an Outlook.com mailbox using OAuth2. We're always getting an AUTHENTICATE failed error, even though we've set up Azure AD, got the right permissions, and grabbed the access tokens. We're…
How to Restrict Azure Cloud Shell Access to a Specific Azure Entra ID Group
I’m looking for guidance on how to restrict access to Azure Cloud Shell for all users in my organization by default. I want to allow access only to members of a specific Azure Entra ID group. The goal is to enhance security by ensuring that only…
Azure IAM custom roles not visible in add role assignment
I have created one Azure custom roles and I can see these role is available in roles section in IAM but when I try to assign this to service principal, I could not see this custom role.
Unable to turn on Application Insights while creating Function App with non-Owner user
The setting I used: And this image shows the difference between Owner and another user trying to enable Application Insights: The user has a "Contributor" role at the resource group "DefaultResourceGroup-SEA" scope…
we have our Azure web apps and this had an issue yesterday .the node was low on memory and front end stopped .
we have opted for Azure -Pay as you go plan . Yesterday the warnign came : node was low on resoure memory .Threshold quantity 750Mi , available 703984Ki.Container was using 1584984Ki request is 500Mi, has larger consumtion of memory. The application…
What happens after I enable any RBAC Role as PIM enabled role?
I have a question on PIM (Privileged Identity Management). Let say, Users A, B, C, D, E have Reader role on subscription ABC right now. This is standing permanent access before enabling PIM. Now, we enable PIM, enable on this ABC subscription on this…
New-MgServicePrincipalAppRoleAssignedTo : Insufficient privileges to complete operation
Hello. I have a logic app that needs specific roles assigned to it in order to function properly, so I have been using the Microsoft.Graph cmdlet New-MgServicePrincipalAppRoleAssignedTo to assign those roles. First, I have my powershell script assign…
How to Create a custom RBAC role to provide access to a specific container in cosmosdb
Hi Microsoft Support Team, I’m reaching out for assistance with creating a custom RBAC role that provides access to a specific container within a Cosmos DB account. I followed the instructions outlined in…
Mutliple Admin Account Removal
Team, I want to use power user right concept and want to create a single admin account. I want to convert the current admin accounts in to Power user accounts to limitize the admin rights of the user for accesing and installing applications and…
Restore the owner for my free subscription
Hi everyone, Accidentally I deleted the owner role of my free subscription. Is there any way to restore my permissions? The option for cancelling and reactivating the subscription is not on the table, as I don't have permissions. Could anyone pls…
Create Custom Role
I have the following error when creating a custom role: with object id 26f83ad1-0683-493e-a0f1-fceSfc67332* does not have authorization to perform action Microsoft. Authorization/roleDefinitions/write over scope…
I am uanble to upgrade my account because my billing access was changed automatically by Azure
Recently my account was disabled. I would like to find out how to enable it and upgrade it. Its not letting me upgrade.
Prevent users from creating azure subscriptions in tenant
Hi Team, Is there any option to prevent the users from creating azure subscriptions in tenant. Only Global admin should have access for creating subscription and other users should not have option to create subscription in tenant level
Application gateway listener error when trying to use key vault certificate using managed identity and RBAC
Hi, I'm trying to setup a listener in application gateway to use a certificate from keyvault using managed identity. But every time whne I choose in portal the managed identity and then select the key vault from the dropdown menu I get this error: …
Forbidden Error When Assigning 'Contributor' Role to Service Principal in Aadiam Scope
I'm encountering an issue when trying to run the following PowerShell command: New-AzRoleAssignment -ObjectId $objectId -Scope "/providers/Microsoft.aadiam" -RoleDefinitionName 'Contributor' -ObjectType 'ServicePrincipal' I have Global Admin…
Getting 403 error in Terraform while assigning RBAC in Azure
I have correct access (Owner) and able to assign RBAC through portal but not Terraform. │ Error: authorization.RoleAssignmentsClient#Create: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error.…
Unable to Assign Global Admin Roles in Microsoft 365 due to GDAP Issues
None of our users in MS365 admin center has global admin rights. We do not have the rights to assign global admin rights to ourselves in MS Admin Center Our MS365 provider cannot help us since there is no active GDAP. Our MS365 provider has tried…
Connect to CloudShell
Hi, I have granted one of my users access to Azure Kubernetes Service. The user wants to connect to Azure Cloud Shell from the Azure portal but is unable to do so, as connecting to Azure Cloud Shell requires a storage account, and the user does not have…