Azure Active Directory configuration

rni_G_Ragnarsson · 2 December 2016 14:17

Hi.

I am setting up Octopus Deployment on a VM inside our Azure environment. I want to deploy to Web Apps in that environment, and have set up a Active Directory application to authenticate OD into Azure.

I keep getting this error here when OD tries to read the resource group list:
Microsoft.Rest.Azure.CloudException: The client ‘{guid}’ with object id ‘{guid}’ does not have authorization to perform action ‘Microsoft.Resources/subscriptions/resourcegroups/read’ over scope ‘/subscriptions/{guid2}’.

It seems that the AAD Application does not have the rights to read the resource group list. How do I configure this?

Dalmiro · 2 December 2016 19:15

Hi,

Thanks for reaching out! It does seem like the account you are using doesn’t have enough permissions on the Azure side of things. This lengthy MS doc might help as it shows how to manage such permissions from the Azure portal: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal

Let me know how that goes.

Regards,
Dalmiro