Skip to main content

Azure Az: Operation failed with status: 'Forbidden'. Details: 403 Client Error

I was trying to create a new resource group on Azure using a Shell script. An app registration was created followed by assigning the 'Contributor' role to the Service Principal. However, the az group create command repeatedly returned 403 Client errors. 

Operation failed with status: 'Forbidden'. Details: 403 Client Error: Forbidden for url: https://management.azure.com/subscriptions/<subscription id>/resourcegroups/rg-internal?api-version=2018-05-01


We suspected Service Principal permission issues and even elevated it as owner but that didn't help. Next, I tried using my personal account with contributor permissions to create the resource group but even that failed. That's when I suspected something is amiss and tried creating the resource group from the Azure Portal. It revealed the actual reason - 


Once I added the relevant tags, errors vanished and the resource group was instantly created. 

Moral: If commands don't work, wherever possible try the operation from Azure Portal.

Comments

Popular posts from this blog

Turning off a Dell Laptop Monitor: Keyboard shortcut(s)

I am someone who is particular about power savings and I don't leave appliances powered on when not in use. The same applies to computing devices - be it a smartphone or a PC/Laptop. I power off the desktop monitor when I step out for a tea break or hit Fn+F2 on my Lenovo laptop that turns off the display. Recently, I got a Dell Laptop and I was surprised to discover that Dell does not provide any shortcut to turn off the display. This led to some exploration and I found two ways to achieve that which are outlined below - 

Resolving INS-20802: Oracle Net Configuration Assistant failed error on Windows 10

I was all excited about the migration to Windows 10 until I had to install Oracle client 12.1.0.2 on it. The Oracle client installation used to fail miserably at the last stage with this error named INS-20802.

Nginx - Solution for 10060: A connection attempt failed because the connected party did not properly respond

I was in the process of setting up Nginx to serve as the reverse proxy for Nexus Repository Manager OSS. However, the Nexus repository started loading really slowly post this and used to repeatedly display disconnected and reconnected messages. The Nginx log file used to log the below error - <timestamp> [error] 3240#3632: *1 upstream timed out (10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond) while connecting to upstream, client: <ip address="">, server: <fqdn>, request: "GET /nexus HTTP/1.1", upstream: "http://[::1]:8081/nexus", host: "<fqdn>"