Issue while the logon scripts are running inside the HCIbox

[ullasanand13]

Discussed in https://github.com/microsoft/azure_arc/discussions/1795

^{Originally posted by **ullasanand13** April 25, 2023} Hi GIT team, "HCIBox-Client" has got deployed. However, after login to the HCIbox the logon scripts have failed due to the below error. I know this is a permissions issue. But it is trying to connect to our default subscription. How to change the subscription where the resources have to be deployed? Message: The client 'ullas.anand@kennametal.com' with object id 'f0851858-ef81-48ef-b258-b865c3e268ce' does not have authorization to perform action 'Microsoft.GuestConfiguration/register/action' over scope '/subscriptions/7e62512b-1073-46d1-b75c-c507c9cc7eb2' or the scope is invalid. If access was recently granted, please refresh your credentials. (AuthorizationFailed) The client 'ullas.anand@kennametal.com' with object id 'f0851858-ef81-48ef-b258-b865c3e268ce' does not have authorization to perform action 'Microsoft.Kubernetes/register/action' over scope '/subscriptions/7e62512b-1073-46d1-b75c-c507c9cc7eb2' or the scope is invalid. If access was recently granted, please refresh your credentials. Code: AuthorizationFailed

[github-actions[bot]]

Hey friend! Thanks for opening this issue. We appreciate your contribution and welcome you to our community! We are glad to have you here and to have your input on the Azure Arc Jumpstart.

[sebassem]

Hello, thanks for reaching out. You would need to select the right subscription before deploying following this guidance

[ullasanand13]

Thank you. I was able to overcome this issue by giving contributor role to the service principal.

Regards, Ullas

[sebassem]

Glad to hear its resolved. Please note you need Owner permissions to make sure to have all the functionality working in HCIBox