Currently if you attempt perform actions like adding an Azure AD group via terraform, and the identity used by terraform does not have the required permission, the Authorization_RequestDenied Error is received.
Sample Error:
Error: Creating group "Group-name-axtwb"
with ...._ds_group[0],
on ....../rbac.tf line 3, in resource "azuread_group" "res_ds_group":
3: resource "azuread_group" "res_ds_group" {
GroupsClient.BaseClient.Post(): unexpected status 403 with OData error:
Authorization_RequestDenied: Insufficient privileges to complete the
This error does not have details on the permissions missing. So azmpf cannot add those.
From the terraform docs, adding these permissions requires global admin privelege / admin consent.
In such cases the utitlity should inform the user and share the link to appropriate docs
Currently if you attempt perform actions like adding an Azure AD group via terraform, and the identity used by terraform does not have the required permission, the Authorization_RequestDenied Error is received.
Sample Error:
This error does not have details on the permissions missing. So azmpf cannot add those.
From the terraform docs, adding these permissions requires global admin privelege / admin consent.
In such cases the utitlity should inform the user and share the link to appropriate docs