Insufficient privileges to deploy Azure Service Principal
Question
I'm a Microsoft employee and I'm new to Azure. I would like to deploy a Service Principal on my internal Microsoft Azure subscription. Using the Azure CLI, when I run
az ad sp create-for-rbac --name $spn_name
I get the error "Insufficient privileges to complete the operation." The documentation here ( https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli?view=azure-cli-latest ) makes it seem like I don't have Azure Active Directory configured properly.
I don't have Azure Active Directory on my internal subscription. Do I need to add this? If so, how can I set this up on my Microsoft internal account? Is there a way to create a Service Principal without Azure Active Directory?
3 answers
solution1
0 2020-08-07 16:31:31
Normal user without Admin roles also will be able to create a service principle even with Azure CLI. If the scenario is that you are creating a service principle from an application then you need application permissions. Please go through similar question which helps in fixing your issue.
solution2
0 2020-09-01 11:43:23
Does not require you to have administrator permissions.
If your account's User type is just a Member in the tenant. Make sure in the portal -> AAD -> User settings -> Users can register applications is Yes.
solution3
0 ACCPTED 2020-11-02 23:27:14
It seems that the issue was that my SP name was not unique. Changing the name solved this problem for me.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.