
No "Access Control IAM" option when trying to assign a role in Azure portal


I am trying to follow this guide when trying to set up Snapshot Debugger for a BYOS:

https://learn.microsoft.com/en-us/azure/azure-monitor/profiler/profiler-bring-your-own-storage?tabs=azure-cli

It states I should "Grant the Storage Blob Data Contributor role to the Azure Active Directory (Azure AD) application named Diagnostic Services Trusted Storage Access via the Access Control (IAM) page in your storage account."

When I searched for a resource called "Diagnostic Services Trusted Storage Access", what I found is a service principal, and it doesn't have the option of "Access Control (IAM)" to assign the role.

Do I need to do something in order to have that option?


Solution

  • Grant the Storage Blob Data Contributor role to the Azure Active Directory (Azure AD) application named Diagnostic Services Trusted Storage Access via the Access Control (IAM) page in your storage account

    This means you need to assign the role to the "Diagnostic Services Trusted Storage Access" service principal in the Access Control (IAM) page of your storage account.

    Go to Azure Portal -> Storage Accounts -> Your Storage account -> Access Control (IAM) -> Add role assignment

    Select Storage Blob Data Contributor under the Roles section and click on Next.

    Now, click on Select members, search for the "Diagnostic Services Trusted Storage Access" service principal, and select it.

    After selecting the service principal, click on Review+assign to grant the role.

    You can confirm it by checking the role assignments of your storage account.
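The same assignment and confirmation done from the Azure CLI, as an added example that is not part of the original answer. It assumes a logged-in `az` session on a Microsoft Graph based CLI version (object ID in the `id` field); the function names and the resource group and account arguments are hypothetical.

```bash
#!/usr/bin/env bash
# Added example (not from the original answer): CLI form of the portal steps.
# Assumes `az login` has been done and a Microsoft Graph based Azure CLI,
# where a service principal's object ID is returned in the `id` field.
ROLE="Storage Blob Data Contributor"
SP_NAME="Diagnostic Services Trusted Storage Access"

# Print the object ID of the service principal; fail unless exactly one
# principal carries that exact display name, so the role never lands on
# a look-alike or ambiguous match.
resolve_sp_id() {
  local ids count
  ids=$(az ad sp list --display-name "$SP_NAME" \
        --query "[?displayName=='$SP_NAME'].id" -o tsv) || return 1
  count=$(printf '%s\n' "$ids" | grep -c . || true)
  if [ "$count" -ne 1 ]; then
    echo "expected 1 service principal named '$SP_NAME', found $count" >&2
    return 1
  fi
  printf '%s\n' "$ids"
}

# Assign the role at storage-account scope only (not resource group or
# subscription), then confirm the assignment is listed at that scope.
grant_role() {
  local sp_id scope
  sp_id=$(resolve_sp_id) || return 1
  scope=$(az storage account show --resource-group "$1" --name "$2" \
          --query id -o tsv) || return 1
  case "$scope" in
    */providers/Microsoft.Storage/storageAccounts/*) ;;
    *) echo "refusing non-storage-account scope: $scope" >&2; return 1 ;;
  esac
  az role assignment create --assignee-object-id "$sp_id" \
    --assignee-principal-type ServicePrincipal \
    --role "$ROLE" --scope "$scope" >/dev/null || return 1
  # Equivalent of checking the storage account's role assignments in the portal.
  az role assignment list --assignee "$sp_id" --scope "$scope" \
    --query "[?roleDefinitionName=='$ROLE'].scope" -o tsv | grep -qixF "$scope"
}

# Usage: ./grant.sh <resource-group> <storage-account>
if [ "$#" -eq 2 ]; then grant_role "$1" "$2"; fi
```

The role is assigned on the storage account, with the service principal as the member; the principal itself has no Access Control (IAM) page to use.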