Looking for a simple way to stop\start machine with Azure runbook

Question

I am an Azure rookie, I'm struggling to complete a runbook to start stop my VM. I keep getting permissions errors after I added myself as the virtual machine permissions contributor :

ERROR: (AuthorizationFailed) The client '6ffb2379-YYYYYYYYYYY' with object id '6ffb2379-YYYYYYYY' does not have authorization to perform action 'Microsoft.Compute/virtualMachines/start/action

Would appreciate any guidance here

Tried running this script:

az login --identity --username "my identity object ID" az vm start --name "my machine name" --no-wait --resource-group "my resource group name"

Answer 1

I agree with @wenbo, the error usually occurs if the managed identity does not have required permissions or roles to perform the operation.

Initially, I too got same error when I ran the code adding "Classic Virtual Machine Contributor" to managed identity under Azure Virtual Machine:

az login --identity --username "usermsiObjID" 
az vm start --name "vmname" --no-wait --resource-group "rgname"

Response:

To resolve the error, make sure to grant "Virtual Machine Contributor" role to user-assigned managed identity under your Azure Virtual Machine like this:

When I ran the code again after granting the role assignment, I got the response as below:

To confirm that, I checked the same in Portal where Azure VM started successfully as below: