- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
04-30-2021 09:34 AM
While setting up the Service Principal on Panorama Plugin for Azure, even though the IAM role of reader seems to be properly defined in Azure we get this error message during the validation phase:
ERROR: Validation of #######-####-####-############ failed with msg Failed to validate credentials with error - Failed to validated Azure Monitoring permissions and Deployment permissions. Error: Failed to validate monitoring permissions. Error: Missing permission for 'Microsoft.Compute/virtualMachines/read', please update service principal.
Any ideea what else might cause this? Most probably is something very simple we are missing but we run out of troubleshooting leads now and any suggestion will be highly appreciated.
03-28-2022 03:42 AM
Having the same issue, did you ever resolve this?
03-29-2022 07:19 AM
Yes, I'm having this issue as well and have a TAC case open, but so far no luck - please post if you find a solution!
04-13-2022 03:21 AM
Please find the list of actions/permissions required to support monitoring for the Azure 3.0.1 plugin below:
The list of permissions required to enable monitoring are as below:
"actions": [
"Microsoft.Compute/virtualMachines/read",
"Microsoft.Network/networkInterfaces/read",
"Microsoft.Network/virtualNetworks/read",
"Microsoft.Network/locations/serviceTags/read",
"Microsoft.Network/loadBalancers/read",
"Microsoft.Resources/subscriptions/resourcegroups/read",
"Microsoft.Network/publicIPAddresses/read"
]
With these permissions assigned to a service principal, validation will fail but the monitoring functionality is not affected and the 3.0.1 plugin will continue to function as designed.
03-30-2023 10:42 AM
Panorama
OS version 10.1.x
Azure plugin 3.1
I can the below error, when trying to validate Service Principle
Failed to validate credentials with error - Failed to validated Azure Monitoring permissions and Deployment permissions. Error: Failed to validate monitoring permissions. Error: Missing permission for 'Microsoft.Compute/virtualMachines/read', please update service principal.
Azure App is set with "reader"
Can anyone explain more what to check or what the problem could be ?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!