Open
Description
For the Providers_ProviderPermissions API, the permissions to successfully execute this are unclear.
For example if I want to run this against the Microsoft.Compute service if I assign the role executing the API the permission of Microsoft.Compute/*/read then it will run sucessfully however if I instead grant it every Microsoft.Compute read operation as returned from a az provider operation show --namespace Microsoft.Compute
azure cli query then I get the following error returned by the API:
{
"error": {
"code": "MultipleErrorsOccurred",
"message": "Multiple error occurred: BadGateway,BadGateway,BadGateway,BadGateway,BadGateway,BadGateway,BadGateway,BadGateway,BadGateway. Please see details.",
"details": [
{
"code": "BadGateway",
"message": "Response from service 'Microsoft.Compute' does not contain sufficient information to enforce access control policy."
},
{
"code": "BadGateway",
"message": "Response from service 'Microsoft.Compute' does not contain sufficient information to enforce access control policy."
},
.....
I'm using Microsoft.Compute as an example here if I try other services such as Microsoft.Storage etc. I get the same result.
This implies either there is a undocumented permission I need to have or the API is not working correctly.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Metadata
Assignees
Labels
Workflow: This issue is responsible by Azure service team.Issues that are reported by GitHub users external to the Azure organization.Workflow: This issue needs attention from Azure service team or SDK teamThe issue doesn't require a change to the product in order to be resolved. Most issues start as that