No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

How can I assign a role to a group? We have `Pulumi.Azure.Authorization.Assignment`, but when I try to user a group for `PrincipalId` I get the error message: Status=400 Code="UnmatchedPrincipalType" Message="The PrincipalId 'xyz' has type 'Group' , which is different from specified PrinciaplType 'ServicePrincipal'." I can not set a PrincipalType, there is no such property available.

Hmm… I haven’t seen this error before. Any chance it could be a temporary glitch/AAD replication lag?

are you using `id` or `objectId` of the group? not sure if it matters

As far as I know you always have to use object id.

<@UB39JFCKC> Take a look at: <https://docs.microsoft.com/en-us/cli/azure/role/assignment?view=azure-cli-latest#az-role-assignment-create>

There is a parameter called: assignee-principal-type :open_mouth:

It seems like you should not use SkipServicePrincipalAadCheck = true, when using a group as a principalid.