Questions tagged [azure-rbac]

Topics relating to Azure Role-Based Access Control

264 questions
0 votes, 1 answer

Create custom directory role from MS graph or Powershell

I want to create a custom directory role with specific permissions like: microsoft.directory/users/* microsoft.directory/groups/* microsoft.directory/applications/* microsoft.directory/serviceprincipals/* If I create the role from the Portal, it asks me to…
0 votes, 2 answers

Azure - Restrict Role Assignments to Managed Identities and Service Principals

Our Azure engineers need to be able to manage the identity and permissions used to run the software they deploy to the cloud. However, granting them the ability to assign RBAC roles also allows them to assign permissions for any AD User or…
STW
0 votes, 2 answers

Why doesn't Azure Policy apply to Delete operations?

Azure Resource Policy advertises itself as: Azure Policy helps to enforce organizational standards and to assess compliance at-scale. Through its compliance dashboard, it provides an aggregated view to evaluate the overall state of the environment,…
STW
0 votes, 2 answers

Azure - prevent Subscription Owner from modifying specific Resource Group?

I'm exploring options for securing some Azure resources within a subscription from tampering, even by subscription owners. The intent is to standardize our subscriptions which are used by other teams for their engineering. We've considered giving…
STW
0 votes, 1 answer

Invalid status code not found error while using New-AzRoleAssignment

I created an application in Azure Active Directory like the image below. I am trying to add a Storage Blob Data Contributor role assignment for an Azure Active Directory service principal to operate on the storage account level through PowerShell whenever I…
william
0 votes, 1 answer

Minimum RBAC permission needed to view all Azure Container Groups within the Resource Group?

My logic app creates new container groups within same Resource Group. I have contributor RBAC role on logic app, but I don't have any RBAC role at Resource Group level. What RBAC role should I ask so that I can view all Azure Container Groups that…
0 votes, 1 answer

Inconsistent authorization warning and error while using az storage entity query

When I issue the following command: az storage entity query --account-name acc1 --table-name table1 I successfully get my query result with the following warning: There are no credentials provided in your command and environment, we will query for…
0 votes, 1 answer

AKS w Azure RBAC - Flux-Applier cluster-admin ClusterRoleBinding apparently not working

I have an AKS cluster configured with enableAzureRBAC=true. I am trying to install the ingress-nginx Helm chart through Flux. It throws the error: reconciliation failed: failed to get last release revision: query: failed to query with labels: secrets…
Josh
0 votes, 1 answer

Unable to Update RBAC role using Azure DevOps Pipeline

I am using Azure DevOps Pipeline. I created a ServiceConnection in Azure DevOps and added a Service Principal in it. The agent I am using is 'ubuntu-latest'. I created a PowerShell task in the pipeline: - task: AzureCLI@2 displayName: 'Assign Role' …
0 votes, 1 answer

Invalid authentication info error when using Azure AD and Azure Storage PUT API

I'm trying to upload a file to a container in Azure Storage using Azure Active Directory (AAD) Authentication and REST APIs. I can't figure out what is missing in the workflow below, but it always fails. How it works: A service principal (SP) was…
0 votes, 1 answer

list ACL for storage

I want to list access that was provided on storage via ACL. Is there an API solution for this? I want to list all entities (AD group, Service Principal, etc.) (like the one marked in green) that have access to storage via ACLs. The idea is to create audit…
Rakesh Prasad
0 votes, 1 answer

Unable to deploy ARM template with all required Permissions

My requirement is to deploy an ARM template using Azure Pipelines. I am referring to this document: Deploying ARM Templates using Azure DevOps Pipelines – Thomas Thornton. I don't think I have missed anything. But I got the below error: Exception…
Boris87
0 votes, 1 answer

How to assign a particular admin role to an Azure AD application?

I hope someone can help. I have a registered application (TestApp3), with which I connect successfully using: Connect-AzureAD -TenantId $tenant -CertificateThumbprint $thumb -ApplicationId $applicationID Now once connected, I need to assign users…
Andrew Stevens
0 votes, 1 answer

How to enable Privileged Identity Management (PIM) for Storage blob data reader role in Azure

I have an Azure storage account and in that there are multiple containers. I need to give access to a particular container using a security group (/via access package). Considering least privileged access in Azure, how can I enable giving access to my…
AskMe
0 votes, 1 answer

Failed to load one or more resources error when moving resources to different subscription

I am performing a move operation for resources in one subscription to another subscription. I have resources like storage accounts, Key vaults, etc. in my subscription. All resources are moving without any error except Data Lake Gen2 accounts. I am…
Sindhu M S