Feb 09 2023 07:09 AM
Hi I am following MS learn at https://learn.microsoft.com/en-us/training/modules/implement-managed-identities/4-configure-managed-...
when I issue
az vm create --resource-group impl-managed-identities-rg --name managidentityVM --image UbuntuLTS --generate-ssh-keys --assign-identity --role contributor --scope $subscription --admin-username sieracuser --admin-password myPassword12 --output json
I get the following error (but the VM is created)
{"status":"Failed","error":{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.","details":[{"code":"BadRequest","message":"{\r\n \"error\": {\r\n \"code\": \"PrincipalNotFound\",\r\n \"message\": \"Principal 51a85caafdf2450091c8b8e497161bcc does not exist in the directory 6799c70e-3ceb-4e88-af13-8f6c565fd4a5. Check that you have the correct principal ID. If you are creating this principal and then immediately assigning a role, this error might be related to a replication delay. In this case, set the role assignment principalType property to a value, such as ServicePrincipal, User, or Group. See https://aka.ms/docs-principaltype\"\r\n }\r\n}"}]}}
Should I creatre a system principalbefore? I understand not.
Thanks for your help
Feb 09 2023 07:20 AM
I just issued
az vm list --resource-group imy-rg
in the output, I see
@Salam_ELIAS wrote:Hi I am following MS learn at https://learn.microsoft.com/en-us/training/modules/implement-managed-identities/4-configure-managed-...
when I issue
az vm create --resource-group impl-managed-identities-rg --name managidentityVM --image UbuntuLTS --generate-ssh-keys --assign-identity --role contributor --scope $subscription --admin-username sieracuser --admin-password myPassword12 --output json
I get the following error (but the VM is created)
{"status":"Failed","error":{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.","details":[{"code":"BadRequest","message":"{\r\n \"error\": {\r\n \"code\": \"PrincipalNotFound\",\r\n \"message\": \"Principal 51a85caafdf2450091c8b8e497161bcc does not exist in the directory 6799c70e-3ceb-4e88-af13-8f6c565fd4a5. Check that you have the correct principal ID. If you are creating this principal and then immediately assigning a role, this error might be related to a replication delay. In this case, set the role assignment principalType property to a value, such as ServicePrincipal, User, or Group. See https://aka.ms/docs-principaltype\"\r\n }\r\n}"}]}}
Should I creatre a system principalbefore? I understand not.
Thanks for your help
Is this the system-assigned service Principal?