Reputation: 47
Azure CLI authorization failed when running locally
I'm trying to create a resource group and then deploy a Cosmos DB account using the Azure CLI installed on Ubuntu 20.
I keep getting an authorisation failed error (The client XXXX with object id XXXX does not have authorization to perform action 'Microsoft.Resources/subscriptions/resourcegroups/read' over scope.....)
Similar error when I try to create service principal with RBAC
I'm an Owner on the subscription, and it works with no problem in the cloud shell.
I logged in with az login
Upvotes: 1
Views: 1374
Answers (1)
Reputation: 1389
The The client XXXX with object id XXXX does not have authorization to perform action 'Microsoft.Resources/subscriptions/resourcegroups/read' over scope.....) error is because you do not have access to read the resource group which is due to role issue.
So, either give contributor role which has privilege to manage all resources or Cosmos DB Account Reader Role which has Privilege to get or list resource group.
But to assign any role, you need to have user administrator or owner role.
Reference- role-based-access-control-built-in-roles.
Upvotes: 0
Related Questions
- Azure cli cant connect due to Invalid client secret provided
- Error while installing azure-cli manually
- Azure CLI won't login on MacOS
- Using azure cli from virtual machine
- az login command fails - Azure cli
- azure CLI not failing when it should
- How do I run Azure Cli Script using my local Azure Cli installation
- Azure cli Azure Devops error: The user '' is not authorized to access this resource
- Logging into account through Azure CLI failed
- Azure CLI initialization saying invalid login?