Open
Description
For the Providers_ProviderPermissions API, the permissions to successfully execute this are unclear.
For example if I want to run this against the Microsoft.Compute service if I assign the role executing the API the permission of Microsoft.Compute/*/read then it will run sucessfully however if I instead grant it every Microsoft.Compute read operation as returned from a az provider operation show --namespace Microsoft.Compute azure cli query then I get the following error returned by the API:
{
"error": {
"code": "MultipleErrorsOccurred",
"message": "Multiple error occurred: BadGateway,BadGateway,BadGateway,BadGateway,BadGateway,BadGateway,BadGateway,BadGateway,BadGateway. Please see details.",
"details": [
{
"code": "BadGateway",
"message": "Response from service 'Microsoft.Compute' does not contain sufficient information to enforce access control policy."
},
{
"code": "BadGateway",
"message": "Response from service 'Microsoft.Compute' does not contain sufficient information to enforce access control policy."
},
.....
I'm using Microsoft.Compute as an example here if I try other services such as Microsoft.Storage etc. I get the same result.
This implies either there is a undocumented permission I need to have or the API is not working correctly.
Metadata
Metadata
Assignees
Labels
Workflow: This issue is responsible by Azure service team.Issues that are reported by GitHub users external to the Azure organization.Workflow: This issue needs attention from Azure service team or SDK teamThe issue doesn't require a change to the product in order to be resolved. Most issues start as that