Azure DevOps 管道失败
[英]Azure devops pipeline failed
问题描述
I am getting this error while running a Azure devops pipeline to deploy some applications.
我在运行 Azure devops 管道以部署某些应用程序时遇到此错误。 At one stage in the pipeline we need to create resource groups in Azure before proceeding to the next stage of deploying apps.在管道的某个阶段,我们需要在 Azure 中创建资源组,然后再继续部署应用程序的下一阶段。 But the pipeline fails because unable to create resource groups due to authorization.但是由于授权无法创建资源组,管道失败。
Failed to create the resource group.未能创建资源组。 Error: "The client id XXXXX with object id XXXXX does not have authorization to perform action 'Microsoft.Resources/subscriptions/resourcegroups/write' over scope or the scope is invalid错误:“具有对象 ID XXXXX 的客户端 ID XXXXX 无权在范围内执行操作“Microsoft.Resources/subscriptions/resourcegroups/write”或范围无效
Please help请帮忙
1 个解决方案
解决方案1
0 2021-11-03 14:27:46
The problem is right there in the error text:问题就在错误文本中:
"The client id XXXXX with object id XXXXX does not have authorization to perform action 'Microsoft.Resources/subscriptions/resourcegroups/write' over scope or the scope is invalid
Chances are the service principal that's used doesn't have the correct role(s) assigned to it.使用的服务主体可能没有分配正确的角色。 Find the service principal with the client id from the error message and assign them at least the Contributor role on subscription level.从错误消息中找到具有客户端 ID 的服务主体,并至少为它们分配订阅级别的贡献者角色。
The Contributor role ...贡献者角色...
Grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries.
More information: Azure built-in roles .更多信息: Azure 内置角色。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.