Reputation: 95
Unhandled Exception: Microsoft.Rest.Azure.CloudException
I received this error:
Unhandled Exception: Microsoft.Rest.Azure.CloudException: The client 'XXX' with object id 'XXX' does not have authorization to perform action 'Microsoft.Resources/subscriptions/resourcegroups/write' over scope '/subscriptions/YYY/resourcegroups/FluentRG' or the scope is invalid. If access was recently granted, please refresh your credentials.
I have logged in my Azure Account into VS Code, and I have granted permission to my email address as a contributor in my current subscription. Still, this exception is seen.
using System;
using Microsoft.Azure.Management.Compute.Fluent;
using Microsoft.Azure.Management.Compute.Fluent.Models;
using Microsoft.Azure.Management.Fluent;
namespace RESTApp
{
class Program
{
static void Main(string[] args)
{
var azure = Azure.Authenticate("Azure-authentication.txt").WithDefaultSubscription();
Console.WriteLine("Creating a new VM...");
var windowsVM = azure.VirtualMachines.Define("VMCreatedWithFluent")
.WithRegion("West Europe")
.WithNewResourceGroup("FluentRG")
.WithNewPrimaryNetwork("10.0.0.0/28")
.WithPrimaryPrivateIPAddressDynamic()
.WithNewPrimaryPublicIPAddress("fluentdns")
.WithPopularWindowsImage(KnownWindowsVirtualMachineImage.WindowsServer2012Datacenter)
.WithAdminUsername("serverAdmin")
.WithAdminPassword("mySuperSecurePassword18")
.WithSize(VirtualMachineSizeTypes.StandardDS3V2)
.Create();
Console.WriteLine("Successfully created a new VM: {0}!", windowsVM.Id);
Console.WriteLine("Press any key to exit...");
Console.ReadLine();
}
}
}
Upvotes: 2
Views: 844
Answers (1)
Reputation: 42043
I found the blog that you suppose to refer to(as the code is the same as yours and also uses Azure-authentication.txt to auth).
In this blog, it uses the service principal credentials in Azure-authentication.txt to auth, not your logged user account, to solve the issue, you need to assign an RBAC role to your service principal, just follow the step Setting up a Service Principal in the blog.
You can also do it in the portal, if you follow this blog exactly, the service principal is named FluentAPIApp, just navigate to the subscription in the portal -> Access control (IAM) -> search for its name and assign a Contributor to it like below.
Upvotes: 2
Related Questions
- Api error System.ArgumentException: Format of the initialization string does not conform to specification starting at index 258
- Rest Call to Azure
- Exception of type 'Microsoft.Rest.Azure.CloudException' was thrown
- Azure API Management "Could not complete the request. Please try again later."
- REST API Azure Error: 'Microsoft.Rest.HttpOperationException' Operation returned an invalid status code 'Created'
- Azure storage API for common REST API Error codes
- 400.0 Bad Request on REST API on Azure Web Site
- REST API: Create Deployment throwing error BadRequest
- Server failed to authenticate the request
- Windows Azure: Argument Exception was unhandled