Assign the app role to another service principle

It looks like you're trying to assign an app role to a function app using Azure CLI and PowerShell in a YAML pipeline. Here are a few things you can check to troubleshoot the issue:

Azure Login: Ensure that the az login command is successfully authenticating your Azure account. You can add az account show after az login to verify that the correct account is logged in.

AzureAD Module: Ensure that the Connect-AzureAD command is connecting to Azure AD successfully. You may need to install the AzureAD module if it's not already installed.

Service Principal Permissions: Ensure that the service principal used for the login ($resource.ObjectId, $client.ObjectId) has the necessary permissions to assign app roles (Application.ReadWrite.OwnedBy or similar) in Azure AD.

Resource ID: Double-check that the $resource.ObjectId is the correct resource ID of the function app where you want to assign the app role.

App Role ID: Ensure that the $appRole.Id corresponds to the correct app role that you want to assign.

Correct Principal ID: Verify that the $client.ObjectId corresponds to the correct principal (user, group, or service principal) to which you want to assign the app role.

Output and Error Handling: Check the output and error messages from the PowerShell script to see if there are any specific errors or warnings that might indicate the issue.

You can also try running the PowerShell commands locally to see if they work as expected outside of the pipeline environment. This can help isolate whether the issue is with the commands themselves or with the pipeline configuration.

If you continue to experience issues, please provide any error messages or additional context so that I can assist you further.

Sree_Dev 

 

What is the return message?