How a service administrator can get enough permission to create Azure custom roles


I'm trying to create a custom role in Azure (RBAC). When I execute the PowerShell command New-AzureRmRoleDefinition, I get a message saying I'm not authorized to create it.

    > New-AzureRmRoleDefinition .\developer_access_rbac.json
    New-AzureRmRoleDefinition : AuthorizationFailed: The client 'admin@company.com' with object id '{guid}' does not have authorization to perform action 'Microsoft.Authorization/roleDefinitions/write' on scope '/providers/Microsoft.Authorization/roleDefinitions/{guid}'.
    At line:1 char:1
    + New-AzureRmRoleDefinition .\developer_access_rbac.json
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : CloseError: (:) [New-AzureRmRoleDefinition], CloudException
        + FullyQualifiedErrorId : Microsoft.Azure.Commands.Resources.NewAzureRoleDefinitionCommand

I asked one of the administrators in our organization, who says the account admin@company.com is a Global Administrator. And in Active Directory, admin@company.com is displayed as Service Administrator.

I'm a little confused by these permission levels in Azure. Can someone explain to me how to acquire the needed permission for the account admin@company.com to solve this issue?

Taken from https://azure.microsoft.com/en-us/documentation/articles/role-based-access-control-custom-roles/#custom-roles-access-control:

Who can create a custom role? Owners (and User Access Administrators) of subscriptions, resource groups, and resources can create custom roles for use in those scopes. The user creating the role needs to be able to perform the Microsoft.Authorization/roleDefinition/write operation on the AssignableScopes of the role.

Who can modify a custom role? Owners (and User Access Administrators) of subscriptions, resource groups, and resources can modify custom roles in those scopes. Users need to be able to perform the Microsoft.Authorization/roleDefinition/write operation on the AssignableScopes of the custom role.

Who can view custom roles? Built-in roles in Azure RBAC allow viewing of roles available for assignment. Users who can perform the Microsoft.Authorization/roleDefinition/read operation at a scope can view the RBAC roles available for assignment at that scope.
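The rule quoted above can be checked offline before calling New-AzureRmRoleDefinition. The following PowerShell is an added example, not part of the original post or of Microsoft's documentation: it evaluates, for each AssignableScope, whether any role held at that scope or a parent scope grants the operation named in the error. The role data, assignments, subscription id, resource group `dev-rg` and the function names are constructed assumptions, and group membership and deny assignments are not modelled.

```powershell
# Operation named in the AuthorizationFailed error.
$needed = 'Microsoft.Authorization/roleDefinitions/write'

# Constructed sample data: abbreviated Actions/NotActions modelled on built-in roles.
$roles = @{
    'Owner'                     = @{ Actions = @('*'); NotActions = @() }
    'Contributor'               = @{ Actions = @('*')
                                     NotActions = @('Microsoft.Authorization/*/Write',
                                                    'Microsoft.Authorization/*/Delete') }
    'User Access Administrator' = @{ Actions = @('*/read', 'Microsoft.Authorization/*')
                                     NotActions = @() }
}

# Constructed role assignments for the calling account (placeholder subscription id).
$sub = '/subscriptions/00000000-0000-0000-0000-000000000000'
$assignments = @(
    [pscustomobject]@{ Role = 'Contributor'; Scope = $sub }
    [pscustomobject]@{ Role = 'Owner';       Scope = "$sub/resourceGroups/dev-rg" }
)

# AssignableScopes as they would appear in the custom role JSON (constructed).
$assignableScopes = @("$sub/resourceGroups/dev-rg", $sub)

# A role allows an operation if an Actions pattern matches and no NotActions pattern does.
function Test-RoleAllows {
    param([hashtable]$Role, [string]$Operation)
    $allowed = @($Role.Actions    | Where-Object { $Operation -like $_ }).Count -gt 0
    $denied  = @($Role.NotActions | Where-Object { $Operation -like $_ }).Count -gt 0
    return ($allowed -and -not $denied)
}

# An assignment applies to a target scope if it sits at that scope or at a parent of it.
function Test-CanWriteRoleDefinition {
    param([string]$TargetScope)
    foreach ($a in $assignments) {
        $applies = ($TargetScope -eq $a.Scope) -or
            $TargetScope.StartsWith($a.Scope + '/', [System.StringComparison]::OrdinalIgnoreCase)
        if ($applies -and (Test-RoleAllows -Role $roles[$a.Role] -Operation $needed)) {
            return $true
        }
    }
    return $false
}

# Every AssignableScope must come back True for the role creation to be authorized.
foreach ($scope in $assignableScopes) {
    [pscustomobject]@{
        AssignableScope = $scope
        CanWrite        = (Test-CanWriteRoleDefinition -TargetScope $scope)
    }
}
```

With this sample data the resource group scope passes through the Owner assignment, while the subscription scope fails because Contributor excludes `Microsoft.Authorization/*/Write`. Live inputs for the same check come from `Get-AzureRmRoleAssignment -SignInName` and `Get-AzureRmRoleDefinition`.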

