Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="Unknown" Message="Unknown service error" Details=[{"odata.error"


Error listing Service Principals: graphrbac.ServicePrincipalsClient#List: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="Unknown" Message="Unknown service error" Details=[{"odata.error":{"code":"Authorization_RequestDenied","date":"2020-06-14T16:34:09","message":{"lang":"en","value":"Insufficient privileges to complete the operation."},"requestId":"6e0d75da-7fa9-44c3-b9b7-0d46b57dc94e"}}]

Background:-

My CICD Pipeline Service principal name is : BasicProject-9239f519-8504-XXXX-XXX-c84d53ba3714

and i am trying to Create and Read other service principal name Diskencryption within the pipeline i get error as specified above. 

resource "azuread_application" "diskencryptionapp" {
  name = "diskencryptionapp"
  
}

When i execute release pipeline i got below error

Error listing Service Principals: graphrbac.ServicePrincipalsClient#List: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="Unknown" Message="Unknown service error" Details=[{"odata.error":{"code":"Authorization_RequestDenied","date":"2020-06-14T16:34:09","message":{"lang":"en","value":"Insufficient privileges to complete the operation."},"requestId":"6e0d75da-7fa9-44c3-b9b7-0d46b57dc94e"}}]


In order to resolve this issue:-

As per the error information it indicated that i do not have required permission of my service principal(BasicProject-9239f519-8504-XXXX-XXX-c84d53ba3714) to read data of other service principal name diskencryptionapp.

 1. login to Azure portal
 2. Go to Azure Active Directory
 3. Click on App registrations >> All Application tab.
 4.Search for Application BasicProject-9239f519-8504-XXXX-XXX-c84d53ba3714
 5Give permission as below to both Azure Active Directory Graph and Microsoft Graph

it should work





Your Issue will  resolve

Thanks.

Comments

Post a Comment

Popular posts from this blog

How to use Custom Script Extensions for windows using Azure PowerShell - AZ CLI and from Terraform

Image
Custom Script Extension for Windows The Custom Script Extension downloads and executes scripts on Azure virtual machines. This extension is useful for post deployment configuration, software installation, or any other configuration or management tasks. Scripts can be downloaded from Azure storage or GitHub, or provided to the Azure portal at extension run time. The Custom Script Extension integrates with Azure Resource Manager templates, and can be run using the Azure CLI, PowerShell, Azure portal, or the Azure Virtual Machine REST API. This document details how to use the Custom Script Extension using the Azure PowerShell module, AZ CLI and then call it from Terraform.  Content of :- Create a file in local folder with name: win_initialize_data_disk.ps1 $disks = Get-Disk | Where partitionstyle -eq 'raw' | sort number     $letters = 70..89 | ForEach-Object { [char]$_ }     $count = 0     $labels = "data1","data2"     fore...
Read more

How to create a Resource group in Azure using Terraform Part -1

Using Terraform with Azure ------------------------------------------------------------ 1. Prerequisite for Working on Terraform 2. How to launch a Visual Studio code 3. How to make a connection to Azure with Terraform and provision azure resources A.Prerequisite :- 1. AZ CLI https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-windows?view=azure-cli-latest -- Download MSI Installer -- Install 2. Terraform.exe https://www.terraform.io/downloads.html -- Download Windows 64 BIT and just copy the terraform.exe into %USERPROFILE%\AppData\Local\Microsoft\WindowsApps Benefit : you can call terraform.exe from any folder and any drive. refer blog -- https://superuser.com/questions/284342/what-are-path-and-other-environment-variables-and-how-can-i-set-or-use-them old release of terraform is present here https://releases.hashicorp.com/terraform/ 3. Visual Studio Code https://code.visualstudio.com/download -- Windows 10 -- Use...
Read more

Error inspecting states in the "azurerm" backend: storage: service returned error: StatusCode=403, ErrorCode=AuthenticationFailed

I received below error while initializing Terraform with below command terraform init -backend-config="access_key=$(az storage account keys list --resource-group "myresourcegroup" --account-name "mystorageaccountname" --query '[0].value' -o tsv)" Issue :- I received below error while executing above terraform init command. Terraform has detected that the configuration specified for the backend has changed. Terraform will now check for existing state in the backends. Error: Error inspecting states in the "azurerm" backend:     storage: service returned error: StatusCode=403, ErrorCode=AuthenticationFailed, ErrorMessage=Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature. RequestId:1b4ff545-601e-0061-80d1-78ecf8000000 Time:2019-10-02T03:27:30.9633333Z, RequestInitiated=Wed, 02 Oct 2019 03:27:30 GMT, RequestId=1b4ff545-601e-0061-80d1-78ecf80000...
Read more