
I created an application in Azure Active Directory like below.


I am trying to add a Storage Blob Data Contributor role assignment for the Azure Active Directory service principal, to operate at the storage account level, through PowerShell.

Whenever I try to run the below command:

    New-AzRoleAssignment -Serviceprincipal <Serviceprincipal name> -RoleDefinitionName "Storage Blob Data Contributor" -Scope "/subscriptions/<subscriptionsID>/resourceGroups/<resourcegrp name>/providers/Microsoft.Storage/storageAccounts/<storageacc name>"

I am getting the error below. Please help me with the solution.

    New-AzRoleAssignment: Operation returned an invalid status code 'NotFound'

william

1 Answer

I tried to reproduce the same in my environment and I got the same error, like below.


To resolve this issue, check whether you have provided the correct endpoints and service principal ID. Try to use this scope from the storage account endpoint, like below.

In your storage account -> under Settings -> Endpoint -> Storage account resource


When I tried to run the below command, I got the result successfully.

    New-AzRoleAssignment -Serviceprincipal <Serviceprincipal name> -RoleDefinitionName "Storage Blob Data Contributor" -Scope "/subscriptions/<subscriptionsID>/resourceGroups/<resourcegrp name>/providers/Microsoft.Storage/storageAccounts/<storageacc name>"


To check in the portal: finally, the Storage Blob Data Contributor role is added successfully, like below.


Imran
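
One way to carry out the check the answer describes, as an added example that is not part of the original question or answer: look up the service principal and the storage account first, then build the role assignment from the IDs Azure returns, so neither the principal nor the scope is typed by hand. It passes the principal's object ID with `-ObjectId` instead of a name; the values in angle brackets are placeholders, and the variable names are this example's own.

```powershell
# Added example; every value in angle brackets is a placeholder to fill in.
$ErrorActionPreference = 'Stop'

$spDisplayName  = '<service principal display name>'
$resourceGroup  = '<resourcegrp name>'
$storageAccount = '<storageacc name>'
$roleName       = 'Storage Blob Data Contributor'

# Resolve the service principal in the current tenant. Zero or several
# matches means the name does not identify exactly one principal.
$sp = @(Get-AzADServicePrincipal -DisplayName $spDisplayName)
if ($sp.Count -ne 1) {
    throw "Expected exactly one service principal named '$spDisplayName', found $($sp.Count)."
}
$objectId = $sp[0].Id

# Read the scope from the storage account object instead of assembling the
# /subscriptions/.../storageAccounts/... path as a string. This fails here,
# with a clear message, if the account is not in the selected subscription.
$account = Get-AzStorageAccount -ResourceGroupName $resourceGroup -Name $storageAccount
$scope   = $account.Id

# Get-AzRoleAssignment -Scope also returns assignments inherited from the
# resource group or subscription, so this skips the call when the role is
# already effective on the account.
$existing = Get-AzRoleAssignment -ObjectId $objectId -RoleDefinitionName $roleName -Scope $scope
if ($existing) {
    Write-Output "'$roleName' is already effective for $objectId at $scope"
}
else {
    # Assign at storage account scope only, not the whole resource group.
    New-AzRoleAssignment -ObjectId $objectId -RoleDefinitionName $roleName -Scope $scope
}
```

Run it after `Connect-AzAccount` with the subscription that holds the storage account selected through `Set-AzContext`.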