upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-06-11 09:51:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Explain owner role requirement (#6801)

Browse source
This commit is contained in:
benz0 2019-05-30 21:25:30 -05:00 committed by Jim Kalafut
parent a2e155b8d4
commit a6ef481265
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
website/source/docs/secrets/azure/index.html.md
View file

@ -170,6 +170,11 @@ The following Azure roles and Azure Active Directory (AAD) permissions are requi
- "Read and write all applications" permission in AAD
These permissions can be configured through the Azure Portal, CLI tool, or PowerShell.
In your Azure subscription, your account must have `Microsoft.Authorization/*/Write`
access to assign an AD app to a role. This action is granted through the [Owner](https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#owner) role or
[User Access Administrator](https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#user-access-administrator) role. If your account is assigned to the Contributor role, you
don't have adequate permission. You will receive an error when attempting to assign the service
principal to a role.
## Choosing between dynamic or existing service principals