Not able to create azure service connection

Cloud AZURE
#1

not able to create azure service connection in azure d

error
error1225×415 34.2 KB

evops

#2

I’m also facing the same issue and trying to find a workaround.

root@Jack:~# az ad sp create-for-rbac --role=“Contributor” --scopes=“/subscriptions/a2b28c85-1948-4263-90ca-bade2bac4df4”
Creating ‘Contributor’ role assignment under scope ‘/subscriptions/a2b28c85-1948-4263-90ca-bade2bac4df4’
Role assignment creation failed.

role assignment response headers: {‘Cache-Control’: ‘no-cache’, ‘Pragma’: ‘no-cache’, ‘Content-Length’: ‘527’, ‘Content-Type’: ‘application/json; charset=utf-8’, ‘Expires’: ‘-1’, ‘x-ms-failure-cause’: ‘gateway’, ‘x-ms-request-id’: ‘6ea57b25-a095-4d5b-b1e2-d65990256b44’, ‘x-ms-correlation-request-id’: ‘6ea57b25-a095-4d5b-b1e2-d65990256b44’, ‘x-ms-routing-request-id’: ‘SOUTHCENTRALUS:20240924T074558Z:6ea57b25-a095-4d5b-b1e2-d65990256b44’, ‘Strict-Transport-Security’: ‘max-age=31536000; includeSubDomains’, ‘X-Content-Type-Options’: ‘nosniff’, ‘X-Cache’: ‘CONFIG_NOCACHE’, ‘X-MSEdge-Ref’: ‘Ref A: 57BC8EE1564A4AD48482F64FE067CE3A Ref B: MNZ221060618023 Ref C: 2024-09-24T07:45:58Z’, ‘Date’: ‘Tue, 24 Sep 2024 07:45:58 GMT’}

(AuthorizationFailed) The client ‘kk_lab_user_main-2d0a4452a5634b93@azurekmlprodkodekloud.onmicrosoft.com’ with object id ‘5508efc0-4a94-4d75-bf44-c9b79c4fdb73’ does not have authorization to perform action ‘Microsoft.Authorization/roleAssignments/write’ over scope ‘/subscriptions/a2b28c85-1948-4263-90ca-bade2bac4df4/providers/Microsoft.Authorization/roleAssignments/ca31effa-fa77-4f34-b7f1-2db555324fc4’ or the scope is invalid. If access was recently granted, please refresh your credentials.
Code: AuthorizationFailed
Message: The client ‘kk_lab_user_main-2d0a4452a5634b93@azurekmlprodkodekloud.onmicrosoft.com’ with object id ‘5508efc0-4a94-4d75-bf44-c9b79c4fdb73’ does not have authorization to perform action ‘Microsoft.Authorization/roleAssignments/write’ over scope ‘/subscriptions/a2b28c85-1948-4263-90ca-bade2bac4df4/providers/Microsoft.Authorization/roleAssignments/ca31effa-fa77-4f34-b7f1-2db555324fc4’ or the scope is invalid. If access was recently granted, please refresh your credentials.
root@Jack:~#

Please let me know if anyone got a workaround for this.