0

I am using Azure SDK for python to create resource using python script.After giving the required credentials like CLIENT_ID,TENANT_ID,CLIENT_SECRET,SUBSCRIPTION_ID..It throws a error message like

"msrestazure.azure_exceptions.CloudError: Azure Error: AuthorizationFailed Message: The client 'CLIENT_ID' with object id 'OBJECT_ID' does not have authorization to perform action 'Microsoft.Resources/subscriptions/resourcegroups/read' over scope ''."

(I am using azure in free trial type of subscription)

Evandro de Paula
  • 2,532
  • 2
  • 18
  • 27
im_maddy
  • 43
  • 4
  • 2
    Make sure you assign the right role for the service principal to manage the resources necessary. You can go to any subscription/resource group/resource -> *Access control (IAM)* to do this. – juunas May 21 '18 at 10:17
  • Yep, as @juunas said, it should be caused you didn't assign role to your sp via IAM. Go to azure portal > subscription > IAM > Add > choose your sp and assign one necessary role to it. Also please give us feedback if you have any process or questions on it. – Wayne Yang May 23 '18 at 06:45

1 Answers1

0

There needs to be a service principal(SP) associated with the application. Also, to assign a role to SP you need to be an 'owner' or the Azure portal does not show you that option if you are a 'contributor' in UI.

Deepak
  • 1