https://pulumi.com logo
#general
Title
# general
b

better-rainbow-14549

03/25/2019, 2:33 PM
i followed that
s

stocky-spoon-28903

03/25/2019, 4:53 PM
I have a feeling I’ve seen this before and that you must be a global admin to create new SPs even with good permissions otherwise
(In fact, @white-balloon-205 had to make my service account a global admin last week to enable testing this so that’s very likely to be the problem here!)
b

better-rainbow-14549

03/25/2019, 4:54 PM
i had to grant the "Azure AD Graph" permissions and make my pulumi CI SP an "Owner"
works now, thanks though
azure-ad-graph permissions let me create another SP, but until it was Owner (not Contributor) i couldn't grant it any roles
i

icy-dress-83371

05/07/2019, 11:21 PM
@better-rainbow-14549 Do you have more details of where/how you did this? I am running into the same issues.