Error when trying to create service connection in azure devops
My requirement is to use Azure Devops services to create services connection, so I created an azure AD application in azure portal
In azure Devops project setting I created a new service connection but when I click on verify it throws me the error:
Failed to query service connection API "https://managemant.azure.com/sub/xxx?api-version=2016-06-01.status code:'status code:{"error",:{code""Authorization failed message" 'the client" with object id "does not have authorization to perform action 'microsoft.resource/sub/read,over scope'/sub/*** or scope is invalid.if access was recently granted.please refresh your credentials}}
The document I am referring to is https://learn.microsoft.com/en-us/azure/devops/pipelines/library/connect-to-azure?view=azure-devops#use-spn
Would appreciate any assistance on this
TIA
I tried to reproduce the same in my environment and got the same error as below:
To resolve the error, assign reader role/permission to the Azure AD Application on the subscription level like below:
Go to Azure Portal -> Subscriptions -> Select your Subscription -> Access control (IAM) -> Add role assignment
Verification is successful after assigning the role like below:
You can also assign contributor role based on your requirement.