Open murrayc13 opened 8 months ago
Adding @wyunchi-ms does the data plane commands of AppConfiguration require extra previllage?
Let me loop in app config team for more insights about whether "the data plane commands of AppConfiguration require extra previllage?"
Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @shenmuxiaosen, @avanigupta.
I had the same experience. In my case assigning the role "Reader" strangely solved the issue. Even being "Owner" was not sufficient. So it seems like "App Configuration Data Reader" is completely ignored AND the cmdlet checks explictely for "Reader".
Description
if you run the module Get-AzAppConfigurationKeyValue as the owner of an app configuration you will receive the error message forbidden. As owner, you can read and write to the keys via the azure portal and the az cli. However, it doesn't work using the PowerShell module unless you have the role app configuration data owner or app configuration data reader.
Error - Get-AzAppConfigurationKeyValue : The server responded with a Request Error, Status: Forbidden
Module - https://learn.microsoft.com/en-us/powershell/module/az.appconfiguration/get-azappconfigurationkeyvalue?view=azps-11.2.0
Issue script & Debug output
Environment data
Module versions
Error output