How to ensure the subscriptionId can be found when trying to Monitor Azure AD B2C?

I am working on this: Monitor Azure AD B2C with Azure Monitor. I am sort of blocked in doing this now, as I do not get any further than step 3.3.3, which requires me to press a button in order to create an ARM template. Pressing the button is simple, but filling in the form in a way that does not result in an error is not that simple.

The "Managed by Tenant Id" part was filled in with the Id found in 3.1. The value of principalId is the objectId of the security group selected in 3.2.

It may all sound logical. But I got an error when trying to proceed. Here is the full JSON of this error:

{
  "code": "InvalidTemplateDeployment",
  "details": [
    {
      "code": "InvalidManagedServicesTemplateDeployment",
      "message": "The managed services template deployment file contains invalid values. Please see details.",
      "details": [
        {
          "code": "ClassicAdministratorListFailed",
          "message": "Failed to list classic administrators of subscription '6f579c77-xxxx-xxxx-xxxx-762dae90xxxx': 'The subscription ID was not found.'."
        }
      ]
    }
  ],
  "message": "The template deployment 'Microsoft.Template-2023120514xxxx' is not valid according to the validation procedure. The tracking id is 'fbb904b5-xxxx-xxxx--xxxx-0425aa10xxxx'. See inner errors for details."
}

Apparently, it can't find my subscriptionId. This is strange because when I type az account show, this is presented as my default subscription.

So how do I convince this tooling to find it?

1

There is 1 best solution below

0
Sridevi On

The error might occur if the user does not have the Owner role under the subscription while deploying the template, which is required to onboard Azure Lighthouse.

In my case, I got a similar error when I tried to deploy the resource with a user having the Contributor role under the subscription:

To resolve the error, make sure to assign the Owner role to the user account under your subscription like this:

When I tried the same with a user having the Owner role, the deployment was successful and Azure Lighthouse was created:

To confirm that, you can check the Delegations tab in Service providers like this:

You can now add a Diagnostic setting in your Azure AD B2C tenant to configure monitoring and proceed to the remaining steps:

Reference: ClassicAdministratorListFailed · Azure-Lighthouse-samples · GitHub by Kristian Nese
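
A pre-deployment check for the condition this answer describes, as an added example that is not part of the original post: it reads the JSON printed by `az role assignment list` and reports whether the deploying account holds Owner on the whole subscription rather than Contributor or a narrower scope. The subscription ID, the resource group name and the function names are constructed placeholders.

```python
import json

# Constructed sample shaped like the JSON output of:
#   az role assignment list --assignee <user-object-id> \
#     --scope /subscriptions/<subscription-id> --include-inherited --include-groups
# The subscription ID and names below are placeholders, not values from the post.
SUB_ID = "00000000-0000-0000-0000-000000000000"
SAMPLE = json.loads("""
[
  {"roleDefinitionName": "Contributor",
   "scope": "/subscriptions/00000000-0000-0000-0000-000000000000"},
  {"roleDefinitionName": "Owner",
   "scope": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-demo"}
]
""")

MG_PREFIX = "/providers/microsoft.management/managementgroups/"


def owner_scopes(assignments, subscription_id):
    """Scopes where an Owner assignment applies to the whole subscription."""
    sub_scope = f"/subscriptions/{subscription_id}".lower()
    hits = []
    for a in assignments:
        if a.get("roleDefinitionName") != "Owner":
            continue
        scope = (a.get("scope") or "").rstrip("/").lower() or "/"
        # Assumption: the list was queried at subscription scope with
        # --include-inherited, so any management-group scope is an ancestor.
        if scope == sub_scope or scope == "/" or scope.startswith(MG_PREFIX):
            hits.append(a["scope"])
    return hits


def can_onboard(assignments, subscription_id):
    """True if the account holds Owner on the subscription, directly or inherited."""
    return bool(owner_scopes(assignments, subscription_id))


if __name__ == "__main__":
    # Contributor on the subscription plus Owner on one resource group is not enough.
    print("Owner on subscription:", can_onboard(SAMPLE, SUB_ID))
```
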