Reputation: 2056
Azure Powershell script throwing 'Forbidden'
I have a powershell script that is throwing error. I am trying to create an Alert Action Group through powershell. The last line is throwing error.
$TenantId = Get-AzTenant | select Id
Connect-AzAccount -TenantId $TenantId.Id -SubscriptionName $SubscriptionName
$Receiver1 = New-AzActionGroupReceiver -Name $ActionGroupReceiver -EmailReceiver -EmailAddress $EmailAddress
Set-AzActionGroup -Name $ActionGroup -ResourceGroup $Rg -ShortName $ActionGroupShortName -Receiver $Receiver1
I have Owner access to the subscription and can confirm that all of these variables have appropriate values. The same code worked for a different subscription in the same tenant where I have contributor access. This is probably an access issue however I am not able to figure why I am getting Forbidden even with Owner access.
Edit - Error text Set-AzActionGroup : Exception type: ErrorResponseException, Message: Microsoft.Azure.Management.Monitor.Models.ErrorResponseException: Operation returned an invalid status code 'Forbidden' at Microsoft.Azure.Management.Monitor.ActionGroupsOperations.d__5.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.Azure.Management.Monitor.ActionGroupsOperationsExtensions.d__1.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.Azure.Management.Monitor.ActionGroupsOperationsExtensions.CreateOrUpdate(IActionGroupsOperations operations, String resourceGroupName, String actionGroupName, ActionGroupResource actionGroup) at Microsoft.Azure.Commands.Insights.ActionGroups.SetAzureRmActionGroupCommand.ProcessRecordInternal() at Microsoft.Azure.Commands.Insights.MonitorCmdletBase.ExecuteCmdlet(), Code: Null, Status code:Null, Reason phrase: Null At C:\Users\YashTamakuwala\Desktop\live_traffic\Alerts\Alerts\CreateActionGroup.ps1:25 char:1
- Set-AzActionGroup -Name $ActionGroup -ResourceGroup $Rg -ShortName $A ...
-
+ CategoryInfo : CloseError: (:) [Set-AzActionGroup], PSInvalidOperationException + FullyQualifiedErrorId : Microsoft.Azure.Commands.Insights.ActionGroups.SetAzureRmActionGroupCommand
Upvotes: 0
Views: 1450
Answers (1)
Reputation: 2056
I found the problem. I tried performing the same action through portal but couldn't. Got this error. 
There were policies in place to prevent such activities. Also, the requests from powershell are tracked in Activity Logs which in hindsight, I should have looked into. So I temporarily disabled the policies and was able to run the script successfully.
Upvotes: 0
Related Questions
- Windows Powershell issue on windows 10 for Azure
- Powershell script completes but exits with error code 1
- Insufficient privileges to complete the operation - Azure Active Directory
- Powershell Script working fine in Visual Code but fails running from Terminal
- Azure AD Powershell : Grant consent failed with error: Application is requesting permissions that are either invalid or out of date
- Get-AzureKeyVaultSecret : Operation returned an invalid status code 'Forbidden'
- "Unary Operator Expected" error when deploying ps1 script using Azure Cloud Shell
- Manage azure cloud via PowerShell - access problem
- Azure Powershell Job throws Error : Operation returned an invalid status code 'Forbidden'
- Can't run ps script from code. Issue with ExecutionPolicy