Assigning permissions to a custom role in Azure
So I'm creating a custom role.. let's call it "MyCompanyDeveloperRole"
I go onto the function app in the portal logged in as someone with that role.
It won't render the function apps list on the overview page as you can see.
I click on the link "See details" (highlighted in yellow), it then proceeds to say "... not have authorization to perform action 'Microsoft.Web/sites/host/properties/read'..."
Then you go in and edit the role adding custom role json editor in the portal which then says... no such role!
Working out what permissions to give is a nightmare!!!
Another example.... when visiting the role assignments for a managed identity that belongs to an Azure app service... the current role assignments aren't showing up... I have no idea what role is missing? I've tried a bunch already!
As mentioned in MSDOC, Microsoft.web/sites/host/properties/read action is not available.
List of actions available under Microsoft.web/sites/host:
Follow below steps:
- Create a custom role and assign below permissions/actions:
Microsoft.Web/sites/config/list/Action
Microsoft.Web/sites/Read
- Grant the custom role access to the user.
- Able to access the function App and create the functions.
- "Schema" property not found in Postgres Connector
- Downloading file from Azure blob storage via Memory Stream
- Reading env variable from template.yaml
- HTTP Error 500.30 - ASP.NET Core app failed to start - Azure
- Azure DevOps Pipelines: TerraformTaskV4: init with different subscription and Workflow Identity Federation
- Enabling HTTPS for a Azure blob static website
- How to search across many Azure Devops Git project and find all files which contain specific text AND which filename contains "Resource"
- Hosting SPA with Static Website option on Azure Blob Storage (clean URLs and Deep links)
- Using Managed Identity to Access Azure OpenAI Service
- Azure data factory not loading
- Transfer encrypted dataprotection keys from a windows vm to azure keyvault
- Refresh powerBI data with additional column
- Azure Application Insights AKS - How to Create 1 custom alert rule which will trigger multiple alerts, but with different names (per pod name)?
- gRPC and REST side by side in Azure App Service, Linux Container
- Connecting to a SignalR WSS stream but not getting the response i am looking for
- SignalR prevent user from opening multiple sessions in different tabs
- Application Insights -_logger.LogInformation
- CosmosDB is not allowing serverless capabalities to NoSQL, it says I must use CapacityMode
- Azure Webapp / Website Swap : HTTP Ping Error
- Microsoft Graph API - Update phoneMethods is no longer working
- Use Azure Key Vault secret in Header section of Web Activity
- Azure Storage blob getting the io.netty.channel.StacklessClosedChannelException while generating /downloading the from SasUrl
- How do I save and later load Azure AnalyzeResult object in python?
- Office 365 Exchange Online permission is not visible for registered application in azure active directory
- Azure ADF - HTTP : Table from list
- Self hosted azure devops build agent not getting tool from $PATH
- Azure devops pipeline stages template nesting
- Azure APIM is returning the incorrect HTTP response error when call is missing mandatory querystring parameter
- Azure DevOps build pipeline logid for a specific task - dynamically
- PS script to fetch the list non-compliance resource list with respect to policy from multiple subscriptions