No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

image.png

You need the Application Administrator role on the non-owner service principal that is doing the CI/CD.

Thanks a lot. Unfortunately, this is getting confusing, so I'll have to do more reading. It seems that role isn't available for Applications, but only for Users. I'll have to clear up my confusion around this Service Principal concept before asking further questions.

I haven't tried to make any adjustments to a Service Principal as I am not doing CI/CD yet. You can give an application (service princpal) the permissions it needs.

It is a bit confusing, but a service principal is an Application Registration in AAD and they can be given permissions similar to a user.

Thanks, Dave. I've managed to get it working by adding permissions in that API permissions blade.

BTW, I've just finished reading your blog series on your Kubernetes journey. That was quite informative and useful. Looking forward to other posts :clap::skin-tone-2: