I'm a Microsoft employee and I'm new to Azure. I would like to deploy a Service Principal on my internal Microsoft Azure subscription. Using the Azure CLI, when I run
az ad sp create-for-rbac --name $spn_name
I get the error "Insufficient privileges to complete the operation." The documentation here (https://learn.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli?view=azure-cli-latest) makes it seem like I don't have Azure Active Directory configured properly.
I don't have Azure Active Directory on my internal subscription. Do I need to add this? If so, how can I set this up on my Microsoft internal account? Is there a way to create a Service Principal without Azure Active Directory?
It seems that the issue was that my SP name was not unique. Changing the name solved this problem for me.