Azure AD Connect Role
Hi, Any idea what Role is advisable for user/s who can access/manage Azure AD Connect? Thanks.
Questions wrt mail with subject "Transition to role-based access control (RBAC) in Azure by 31 August 2024"
I received an email about classis administrator roles starting with: On 31 August 2024, Azure classic administrator roles will be retired. If your organization has active Co-Administrator or Service Admin roles, you'll need to transition to using Azure…
Azure Global Reader no able to read Entra ID
I just got the global reader role for the azure, but when i try to check the detailed configuration of the Entra ID, e.g. Activity logs, Users, using Azure portal, I am not able to do it, showing the message " Insufficient privileges to complete the…
How to lock the Vnet peerings like we lock the the resources in resource group once after we create them?
To prevent unauthorized peerings to other Vnets after creation, it's essential to lock the peerings to restrict access for other users from creating unnecessary peerings. How to do that? Can anyone help me out with this? Thanks.
Issue with Access to some of Azure Services Under Student Ambassador Subscription
Hello everyone, I previously registered an app on Azure using the Student Ambassador subscription. However, when I attempted to do so again recently, I encountered an unexpected message stating that I no longer have access to that service. Has anyone…
User don’t have authorization to perform action 'Microsoft.Resources/deployments/validate/action
Whenever a new user added to the directory tries to deploy custom azure templates, they get the following validation error - User don't have authorization to perform action 'Microsoft.Resources/deployments/validate/action Following roles are already…
![](https://techprofile.blob.core.windows.net/images/Y-wLmbTuL0O2M5KEXw9enQ.png?8DB54C)
Problem to generate blob storage SAS-token in WebApp
Hi, First I want to let you know that I'm beginner with Azure. I have a problem to generate SAS-token (view-access token) for my blob storage container in my webapp server code. I'll get an 403 (unauthorized) error when trying to generate the token. I…
![](https://techprofile.blob.core.windows.net/images/7EQ5-HY98kGi4i9V9wyPSg.png?8DAAFF)
Azure Subscription showing Owner role identity not found.
Hello, I am facing a strange issue. When I am checking my Azure Subscription, Access control (IAM) - The owner role is showing - Identity not found, Unable to find identity. Here is the screenshot. Can you help? Thanks, Anuraj
![](https://techprofile.blob.core.windows.net/images/0Vjsgf5_BwAAAAAAAAAAAA.png?8D8071)
![](https://techprofile.blob.core.windows.net/images/8e7482a06e664b24a43dfb238c317fe1.png)
Build in Rbac Monitoring
I used this Azure document to create a build in rbac alert https://video2.skills-academy.com/en-us/azure/role-based-access-control/role-assignments-alert But the problem is, after the alert was created I am not receiving an email when the rbac is assigned to…
How to assign Reader Access to an Azure SQL Database
Is assigning a Reader Role access in the Azure Server level to XXXXXXX-sql-01.database.windows.net sufficient to view/read tables or databases hosted on the SQL Server? How can I properly assign a Reader role to XXXXXXX-sql-01.database.windows.net?
Move Subscription to Management Group
Hi Team, We have created management groups (have Owner access) and have a few subscriptions with Owner access. When we try to move the subscriptions to the management groups from portal , getting error as below Add subscription failed. An error…
I need to create a policy that blocks sign in of M365 accounts if MFA is not enabled, How do I do this?
Hi, as described above, I need to create a policy that blocks sign in of office 365 accounts, if the account in question does not have MFA enabled on it, how can I achieve this? Thanks!
![](https://techprofile.blob.core.windows.net/images/xgCloIrQvUeqYfAqQE8a0A.png?8D8342)
How to create an alert for azure storage account if there is data action permissions assigned to a custom role or a built in role
I want to create an alert using a Kusto query when a custom role is assigned data action permissions for azure storage account or a current role is modified with the data action permissions for the azure storage account
Giving access to multiple Resource Group
Can you please help me how to give Contributor access in 'managedidentity1' to multiple resource group (eg : RG1, RG2, RG3)?
How to change account administrator for an Azure subscription
Hi guys, I have to change classic subscription administrator roles (I know they will be retired next year), because I don't want the guy who created the subscription to have those roles anymore. To do that I logged in with his account and changed the…
Errors Role assignment creation failed & subscription identifier is malformed or invalid.
I am preparing for Azure DevOps exam. Using this link, trying to create service principal. (link:…
Deleted Virtual Network restricting access of my Global Admin account
Hi, I have an issue where if I try to run certain commands or do certain actions I am being blocked from doing so. When running commands in Powershell, such as "Set-AzWebApp", I get a "BadRequest" error. It becomes a little clearer…
![](https://techprofile.blob.core.windows.net/images/hra_WeT_hEmSpN-7GT42eA.png?8DA207)
Why ceating private endpoint in existing key vault blocks the public access from all network as well as selected network fails?
In Key Vault, Customer firewall is set to public and some to selected network with list of IPs. As soon as we create private endpoint, all other previous connection with pubic/selected network fails. But based on below documentation, I would like…
Possible in azure to view roles required to view specific resource?
So I am wondering if you can view through IAM or some other blade what role is necessary to access resources. EX. with Key Vault, To be able to view and change keys and secrets you need "Key Vault Administrator" Role. When Clicking "View…
Granting permission to managed identity for PIM approvals
I am building a logic app that will send adaptive cards in teams to PIM role approvers when a user requests to activate it. However, I am unable to find a way to allow a managed identity within the logic app to authenticate via the graph API to approve…
![](https://techprofile.blob.core.windows.net/images/j_hATN6lWUGQqy8lwG64fA.png?8D869F)