az role assignment error when using –assignee

So I created a Security…

Login

Blog History

So I created a Security group in Azure Active Directory named "Development" and then tried to assign it to the "Website Contributor" role with less than stellar results

But going to Azure AD and getting the object ID for the "Development" group and changing fro --assignee to --assignee-object-id did the trick

Seethe example output below

Jamess-MacBook-Pro:~ jmcd$ az role assignment create --assignee "Development" --role "Website Contributor"
Operation failed with status: 'Bad Request'. Details: 400 Client Error: Bad Request for url: https://graph.windows.net/78c7859b-b3cd-442b-812f-c0baad4689a3/getObjectsByObjectIds?api-version=1.6

Jamess-MacBook-Pro:~ jmcd$ az role assignment create --assignee-object-id "18b7ac1b-3334-403d-86f4-976b9ef75681" --role "Website Contributor"
{
  "canDelegate": null,
  "id": "/subscriptions/<SUBSCRIPTION ID>/providers/Microsoft.Authorization/roleAssignments/6096153f-f130-46ec-ab34-a59ba6a30ef4",
  "name": "6096153f-f130-46ec-ab34-a59ba6a30ef4",
  "principalId": "18b7ac1b-3334-403d-86f4-976b9ef75681",
  "principalType": "Group",
  "roleDefinitionId": "/subscriptions/<SUBSCRIPTION ID>/providers/Microsoft.Authorization/roleDefinitions/de139f84-1756-47ae-9be6-808fbbe84772",
  "scope": "/subscriptions/<SUBSCRIPTION ID>",
  "type": "Microsoft.Authorization/roleAssignments"
}

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.