sparse-intern-71089
07/20/2023, 9:23 PMlittle-library-54601
07/21/2023, 12:57 PMpulumi up
which creates the AAD application, service principal, and federated identity credential, along with the role assignment.
It's not enough to be an "owner" on the subscription. There's a minimum level of permissions within AAD needed to create those objects. And I don't know what that minimum level is. In tenants that I initially created and am essentially "super admin" in AAD, I can do it. But in tenants created by others and where I'm just a guest in AAD, I can't. I'd love to know the minimum level of permissions needed so I could request them w/o requesting to be a "super admin".
Anyway... Thanks again for the article. Big help.millions-journalist-34868
07/21/2023, 1:20 PM