Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Debugging 403 errors for failed Remediation run #49

Open
thetootall opened this issue Sep 9, 2022 · 2 comments
Open

Debugging 403 errors for failed Remediation run #49

thetootall opened this issue Sep 9, 2022 · 2 comments

Comments

@thetootall
Copy link

thetootall commented Sep 9, 2022
edited
Loading

Im using the traces table from Application Insights to pull the logs below but I've double and triple-checked (even as far as rerunning the Add-MSIAppRoleAssignment.ps1 file after discovering I had put in the App Registration Object ID and not the Function App) and still are seeing these entries in log:
image
Ive also attached the 403 error (and added to remove sensitive information) for additional debugging
403-error.txt
@NickolajA
Copy link
Member

Could you go to Azure AD > Enterprise Applications > (select Managed Identities from the type drop down) and search for your function apps name. Then check under Permissions to see if you have Device.ReadAll?

@JankeSkanke
Copy link
Member

image
Here is how it should look in permissions on the managed identity. @thetootall

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@NickolajA @JankeSkanke @thetootall