Unable to add Service Principal with Role to Multiple Subscriptions #15860
-
|
I have three subscriptions. I successfully created a Service Principal and assigned a role to it (using New-AzADServicePrincipal -DisplayName "PRINCIPAL_NAME" -Role "Reader" -Scope "/subscriptions/SUBSCRIPTION_GUID"), however the Service Principal was added to one subscription. I want to add the same Service Principal with the same access to my other two subscriptions. I've tried using the below PowerShell command, however I get the error referenced below: PS C:\github> New-AzRoleAssignment -ObjectId "PRINCIPAL_OBJECTID" -RoleDefinitionName "Reader" -Scope "/subscriptions/SUBSCRIPTION_GUID" New-AzRoleAssignment : Principals of type Application cannot validly be used in role assignments.
Any help is appreciated. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
@chaddaignault , |
Beta Was this translation helpful? Give feedback.
-
|
@dingmeng-xue Thank you! That's what I was looking for |
Beta Was this translation helpful? Give feedback.
@chaddaignault ,
New-AzRoleAssignmentrespects default subscription in Azure context. You need to change the contextSet-AzContext -SubscriptionId <>to switch another subscription and then callNew-AzRoleAssignmentagain.