Prevent users from creating azure subscriptions in tenant
Hi Team, Is there any option to prevent the users from creating azure subscriptions in tenant. Only Global admin should have access for creating subscription and other users should not have option to create subscription in tenant level
Assign an Azure role for access to blob data
https://learn.microsoft.com/zh-tw/azure/role-based-access-control/conditions-prerequisites Sorry, I Can't find "Blob path"
Getting 403 error in Terraform while assigning RBAC in Azure
I have correct access (Owner) and able to assign RBAC through portal but not Terraform. │ Error: authorization.RoleAssignmentsClient#Create: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error.…
Unable to Assign Global Admin Roles in Microsoft 365 due to GDAP Issues
None of our users in MS365 admin center has global admin rights. We do not have the rights to assign global admin rights to ourselves in MS Admin Center Our MS365 provider cannot help us since there is no active GDAP. Our MS365 provider has tried…
Connect to CloudShell
Hi, I have granted one of my users access to Azure Kubernetes Service. The user wants to connect to Azure Cloud Shell from the Azure portal but is unable to do so, as connecting to Azure Cloud Shell requires a storage account, and the user does not have…
How to have more control on my users having access to client's tenant?
Hi, I am facing a scenario where a org needs to give his consultants (part time employees) a domain email address using which they get invited to a separate Azure tenant from client and do their tasks there. The thing is, in this scenario org have no…
Restore the owner for my free subscription
Hi everyone, Accidentally I deleted the owner role of my free subscription. Is there any way to restore my permissions? The option for cancelling and reactivating the subscription is not on the table, as I don't have permissions. Could anyone pls…
azure owner roles issue
Hi Team, accidentally i was deleted my owner role attached to the my subscription . and now i am unable to perform operations in my account. could you please help me on this issue
not able to change access configuration policy
CODE InsufficientPermissions MESSAGE RAW ERROR Caller is not allowed to change permission model. For more information on how to change the permissions model follow this link: https://go.microsoft.com/fwlink/?linkid=2155160. Details:…
Need no authentication but only authorization from spring boot 3 to access roles for API exposed
We want to just authorization using spring boot 3 for the APIs exposed for the ROLE that is there in the token issued from another cli client by executing command = az account get-access-token. We need sample piece of code of spring 3 application that…
Received error - "AADSTS399266: Blob grant token received with wrong issuer type."
I am trying to use the code from this microsoft learn page - https://learn.microsoft.com/en-us/samples/azure-samples/ms-identity-ciam-javascript-tutorial/ms-identity-ciam-javascript-tutorial-0-call-api-vanillajs/ and configure the Ids. When trying to…
Level 2 AD Group & SQL server Microsoft Entra admin group & usage of IS_MEMBER for Row Level Security
Currently we are running into an issue developing Row Level Security since the IS_MEMBER does not work for the Microsoft Entra Admin group setup for that SQL server.…
Blob/storage container security role needed to "add" a blob/container
Hello, I'm looking to determine what the minimum security Roles I would need to assign to a user that will allow them to create and manage Azure storage containers and Azure Blobs in the azure portal. thanks, RT
How to allow users from a different tenant access our storage, servers, etc
Is it possible to allow the users from a different Azure tenant access to Windows VMs, file shares, storage, etc, in our tenant without having to have them set up accounts, invites, etc? In other words, seamlessly?
PIM - Group Admin Role Assignment is not working as intended
Currently, if you use the PIM Assignment group to gain access to the Groups Administrator role, you're unable to validate any dynamically assigned rules using the built-in validation tool. However, if you assign the Group Administrator role directly (not…
not able to create a unity catalog
i want to create a unity catalog in azure databricks. manage account console is not accessible on azure databricks once i launch a workspace despite the "globle administrative role access" and premium subscription of azure…
How to access Azure without an existing external user?
I can no longer use the Azure account. Reason: The only external user has been converted to an internal user. It is no longer possible to log in without an external user. Deleting the account is also not possible. There is no support for this…
Azure Key Vault RBAC permissions required for APIM to retreive a cert?
Hi I have a Azure API manager setup and want to add a custom domain. We have deployed Azure Key Vault and uploaded a certificate. We have deployed Key Vault with the recommended "role-based access control" We have given the APIM managed…
Users are not able to see some resources in a resource group where they have respective contributor access.
I created a resource group and added some resources in that. There I added my team through security group which has respective contributor roles for those resources. Some of these resources including blob storage is not visible to the team. To…
How to delete resource when the access is denied because of the deny assignment
Hi, I want to delete a Resource group that I have owner role, but the error said that: "Failed to delete resource group ticketx88: The client '[email protected]' with object id '67991a01-1405-424f-ab7a-e596f262c6ca' has permission to perform…