The client ‘{0}’ with object id ‘{1}’ does not have authorization to perform action ‘Microsoft.ServiceFabric/register/action’ over scope ‘/subscriptions/{2}’

For an enterprise customer, I hat do develop a solution, that is build in the Cloud (Microsoft’s Cloud Azure). In that project I had the following setup:

For Build & Release, VSTS (Visual Studio Team Services) is used. For deploying bits to Azure I built up a release, that should setup a basic architecture in Azure.
For accessing Azure from VSTS, an IT responsible of that company, created a Service Principal (SP), that can access Azure resources and added that guy as VSTS Endpoint Service.

Now, one of those architecture components is Service Fabric. After creating the Release definition and the scripts in Azure CLI 2.0 I tried to get things working. But unfortunately, the release stopped with following error message:

… ok, maybe I have to register the namespace manually (usually not, but how really knows 😉 ), so I used the following command, before creating service fabric cluster:

and this led to following error:

The client ‘{0}’ with object id ‘{1}’ does not have authorization to perform action ‘Microsoft.ServiceFabric/register/action’ over scope ‘/subscriptions/{2}’

Hm…, was not, what I hoped to get, but expected K ! Are there any account problems? Using a foreign subscription with limited access could be the cause! So I did some investigation on how the SP was created, set up and assigned to VSTS.

And, yeah, this was the right track. It became apparent that the SP was created only in AAD with sufficient rights, but it was not assigned as subscription-user, with contribute rights. After proper configuration, everything worked like a charm.

Hope this is also a solution for you?!

Author: Thomas Tomow

As a Managing Consultant, I am working at Alegri in Stuttgart/Germany. There I keep focusing with a team specialized in IoT, UX/Design and DevOps on preparing customers for the next digital future.
I have been working as IT Consultant, IT Architect and lead developer with skills in .NetFramework, agile methodologies like Scrum and much more for nearly 2 decades.
In the last few years I started focusing in IoT & Digitalization strategies in enterprise scenarios. Manly I used Microsofts Azure Cloud, to support customers in letting their visions become true.
Sharing knowledge and practicing principles is something, that I like very much. Therefore I am also Co-Administrator of Azure-Meetup group in Stuttgart, where I’d also like to share my experiences. With this I was awarded in november by Microsoft as a MVP (Most Valuable Professional).

Leave a Reply

Your email address will not be published. Required fields are marked *