This message was deleted.
# azures
sparse-intern-71089
02/08/2020, 10:53 PMThis message was deleted.
w
wet-noon-14291
02/08/2020, 10:53 PMAny idea on how to debug this?
wet-noon-14291
02/08/2020, 11:11 PMI think I should have sufficient privileges, since it should be my personal subscription connected to it. But I’m by no means an azure active directory expert and can be mistaking, that whole part of azure is overly complex IMO.
wet-noon-14291
02/08/2020, 11:40 PMIs it anything I can try on the command line to figuring out what's up.
wet-noon-14291
02/08/2020, 11:41 PMor in the UI to see if I can achieve what I'm doing here in the UI. Not sure what this represent in the UI though, is it "App registrations" that I can't create?
e
enough-oil-63049
02/09/2020, 12:57 AMHi Tomas, it looks to me like you need to add permissions to Azure AD Graph API, see: https://discuss.hashicorp.com/t/azure-secrets-engine/2090/5 and https://github.com/Azure-Samples/azure-sdk-for-go-samples/issues/238 and https://github.com/terraform-providers/terraform-provider-azuread/issues/35 Cheers, James
👍 1
c
colossal-room-15708
02/09/2020, 1:20 AMI would check if you have permissions to even create an Azure Application:
https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal#required-permissions
Maybe see if you can do it manually in the portal:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/add-application-portal
Or via the cli:
https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli?view=azure-cli-latest
👍 1
w
wet-noon-14291
02/09/2020, 7:42 PM@colossal-room-15708 I managed to create an app through the portal and using the CLI, so I'm a little bit confused over which credentials that is used when I try to do it through Pulumi, and if they are using the same API as the CLI for creating the app or if the Pulumi command also does something else.
wet-noon-14291
02/09/2020, 7:42 PMI thought Pulumi would use the account that I signed in with using
az loginwet-noon-14291
02/09/2020, 7:45 PMI have a problem as described in this thread, and my general question is what account does pulumi use when doing azure commands? Is it the account that was used when running
az loginwet-noon-14291
02/09/2020, 7:46 PMAccording to https://www.pulumi.com/docs/get-started/azure/configure/ it should use whatever I logged in with.
t
tall-librarian-49374
02/09/2020, 8:01 PMYes, it’s
az account showw
wet-noon-14291
02/09/2020, 8:05 PM@tall-librarian-49374, thanks. Hmm. Any idea of what might causing my Pulumi deploy to fail: https://pulumi-community.slack.com/archives/CRVK66N5U/p1581202394064300 ?
t
tall-librarian-49374
02/09/2020, 8:05 PMI haven’t seen this before, unfortunately
tall-librarian-49374
02/09/2020, 8:08 PMMaybe something here https://github.com/terraform-providers/terraform-provider-azuread/issues/35
w
wet-noon-14291
02/09/2020, 8:59 PMIs there a way to get the output from pulumi to show which account that is used? I tried verbose level 3 and 5 but that didn’t reveal that kind of information.
c
colossal-room-15708
02/09/2020, 9:27 PMCan you show us a code snippet of what you're trying to do?
I've not seen this error before.
w
wet-noon-14291
02/09/2020, 10:59 PMI created a project only containing the pulumi stuff, and that sort of fixed it. I think the problem was that I was looking at multiple Pulumi templates at once, and one of them configured a service principal that should be used to actually execute pulumi (I guess that is what the
azure:clientId/clientSecretmake deploy-yt
tall-librarian-49374
02/10/2020, 7:26 AMI’m happy you solved it! Would love to see your code as a PR to our examples repo 😉
w
wet-noon-14291
02/10/2020, 8:25 AMSure, I'll see what I can do @tall-librarian-49374
wet-noon-14291
02/10/2020, 8:54 PMHere you go @tall-librarian-49374 https://github.com/pulumi/examples/pull/546 🙂
🎉 1
9 Views