Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
597 questions
Getting error "The client with object id does not have authorization to perform action" using azure-sdk-for-go
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 70%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)
Akhil PB
0
Reputation points
Getting following error while trying to read/write privateDNSzone which is in the subscription "4a224af2-b22d-4a92-a556-fd0d0aa06847" from another subscription "017b8edd-1cb1-4c3e-aa2a-2f62880b1d3d" using azure-sdk-for-go.
GET https://management.azure.com/subscriptions/4a224af2-b22d-4a92-a556-fd0d0aa06847/resourceGroups/test-rg/providers/Microsoft.Network/privateDnsZones/privatelink.mysql.database.azure.com -------------------------------------------------------------------------------- RESPONSE 403: 403 Forbidden ERROR CODE: AuthorizationFailed -------------------------------------------------------------------------------- { "error": { "code": "AuthorizationFailed", "message": "The client 'eccbe23e-ce10-49ee-a742-9f8612377ef1' with object id 'eccbe23e-ce10-49ee-a742-9f8612377ef1' does not have authorization to perform action 'Microsoft.Network/privateDnsZones/read' over scope '/subscriptions/4a224af2-b22d-4a92-a556-fd0d0aa06847/resourceGroups/test-rg/providers/Microsoft.Network/privateDnsZones/privatelink.mysql.database.azure.com' or the scope is invalid. If access was recently granted, please refresh your credentials." } } --------------------------------------------------------------------------------
{count} votes
-
GitaraniSharma-MSFT 47,421 Reputation points Microsoft Employee2024-04-19T10:23:15.4+00:00 Hello @Akhil PB ,
Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.
The error message "The client with object id does not have authorization to perform action" is related to permissions.
Could you please confirm if the object ID "eccbe23e-ce10-49ee-a742-9f8612377ef1" has read/write permissions over the Private DNS zone "privatelink.mysql.database.azure.com"?
Refer: https://learn.microsoft.com/en-us/azure/dns/dns-protect-private-zones-recordsets
Regards,
Gita
-
GitaraniSharma-MSFT 47,421 Reputation points Microsoft Employee
2024-04-22T17:03:25.8833333+00:00 @Akhil PB , could you please provide an update on this post?
Sign in to comment