Azure cli not creating role

Question

I am trying to follow this guide and am having no luck on the az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/${SUBSCRIPTION_ID}" step. It gives me the error below. I have tried re-logging in and no luck there either. I have put in the subscription ID from when I logged in, as well.

Suggestions?

Role assignment creation failed.

role assignment response headers: {'Content-Length': '102', 
'Strict-Transport-Security': 'max-age=31536000; 
includeSubDomains', 'x-ms-failure-cause': 'gateway', 'X- 
Content-Type-Options': 'nosniff', 'x-ms-request-id': 'cac21e0b- 
021d-416f-a4a0-9f539fdf3be4', 'Expires': '-1', 'x-ms-correlation- 
request-id': 'cac21e0b-021d-416f-a4a0-9f539fdf3be4', 'Pragma': 
'no-cache', 'Cache-Control': 'no-cache', 'Date': 'Thu, 14 Jun 2018 
11:57:42 GMT', 'x-ms-routing-request-id': 
'NORTHCENTRALUS:20180614T115743Z:cac21e0b-021d-416f- 
a4a0-9f539fdf3be4', 'Content-Type': 'application/json; 
charset=utf-8'}

The subscription 'providers' could not be found.

If you want to create the role, you need to have the privilege to do this. So you need to check first. — Charles Xu, Jul 03 '18 at 06:02

score 0 · Accepted Answer · answered Jun 14 '18 at 22:51

0

From the look of it you are not assigning role to anything and the syntax might also be wrong.

az ad sp create-for-rbac -n "MyApp" --role contributor --scopes /subscriptions/{SubID}

Hope this helps.

answered Jun 14 '18 at 22:51

Hannel

651
4
9

Thanks, it sorta helps. It gives me a new error message now though, I think this one is one that my coworker needs to fix. `The client 'EMAIL' with object id 'SubID' does not have authorization to perform action 'Microsoft.Authorization/roleAssignments/write' over scope '/subscriptions/SubID'.` – Josh Kirby Jun 18 '18 at 12:58

Azure cli not creating role

1 Answers1