I’m trying to assign "Reader" role to user under Azure subscription using Azure Python SDK. I’ve found a way to do it using Azure REST API following MS documentation https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-rest , but I’m not sure how to do the same…
I am working with the Az and the Graph Powershell Module, getting information about role assignments in Entra ID and Azure Resource Manager. I found that there is two commands each I can use to query information about what user…
I have an azure function to read and update the cosmos document . I enabled the identity and assigned the following roles to azure function identity(service principal). Somehow I'm seeing the following exception. Could you please let me know the…
I have a Data Factory (live mode) with a KeyVault linked service (Test connection: successful): KeyVault linked service When I try to use this linked service in a new linked service to connect to a SQL Server, it fails to…
Microsoft states that Microsoft.Authorization/roleDefinitions/read permission is needed to read RBAC role definition. It is mentioned here https://learn.microsoft.com/en-us/rest/api/authorization/role-definitions/list?tabs=HTTP However I have Azure application which has assigned empty role (having 0 permissions) and still can read role definitions. How is that possible?…
I am trying to send email using Azure Communication Service and DefaultAzureCredential from my local machine but I am getting the following error: Azure.Identity.AuthenticationFailedException: Azure CLI authentication failed due to an unknown error. See the troubleshooting guide for more information.…
What needs to be changed in the arm template below in order for it to add subscription owner role to the given principal id? The problem we are getting is that the following arm template and invocation command are assigning…
Getting no permission to add Azure roles to the account message. I am trying to add Azure role assignments to the storage account. I am creating a function app in bicep, and the next step after that is, I want…
I have a requirement to customize the contributor role at Azure Subscription level, such that, people added to that customized contributor role can NOT view or read the data from the storage account (under that subscription). This is how i'm…
Azure Resource Policy advertises itself as: Azure Policy helps to enforce organizational standards and to assess compliance at-scale. Through its compliance dashboard, it provides an aggregated view to evaluate the overall state of the environment, with the ability to drill…