Hi, I was told by Microsoft Support to create a post here in order to help me solving the issue I'm having with Azure Storage.
Since English is not my native language I apologize for any inconsistences written here, I'm avaliable to clarify any miss understandings that may happen.
I spent the last days trying to understand why I'm being denied to create a Resource Management Private Link even when I have all the necessary permissions(that I'm aware of), after some chat with the support that verified I'm using the correct roles, I don't acctually know what to do here.
My user has the global admin role, Owner of the storage acount, Owner of the Resource group (Inherited), Owner of the Subscription (Inherited), User Access Administrator at Root (Inherited).
Before posting here the support asked me to create another user and give it the permissions to create the link, I tried that and the issue persists. As I said, according to Microsoft Support my roles are looking right and nothing unusual show up on logs.
When I try to create the private link, the following error shows up:
ERROR TYPE
The client 'myuser@Karima ben .com' with object id 'XXXXXXXXXXXXXXXXXXXXXXXX' does not have authorization to perform action 'Microsoft.Resources/deployments/validate/action' over scope '/providers/Microsoft.Management/managementGroups/XXXXXXXXXXXXXXXXXXXX-XXXXXXXXXXXX/providers/Microsoft.Resources/deployments/Microsoft.ResourceManagementPrivateLink-XXXXXXXXXXXX' or the scope is invalid. If access was recently granted, please refresh your credentials. (Code: AuthorizationFailed)
I censored some info just to be sure, but if it's needed I can provide it.
Thank you.
Edit: I'm trying to use the Azure Storage, managing it through the portal.azure.com.