Remove Role assignment using powershell in azure

Time:05-31

When I'm trying to remove a role assignment for a storage account using an Azure Automation account

Remove-AzRoleAssignment -SignInName "[email protected]"  -RoleDefinitionName "Storage File Data SMB Share Contributor" -Scope "/subscriptions/000-8888-7777/resourceGroups/$resourcegroup/providers/Microsoft.Storage/storageAccounts/$storageaccount"

Using the above command, I get:

Cannot find principle using specified options


CodePudding user response:

The email you provided does not seem to be the correct SignInName.

If you have access to Azure Active Directory, you can check the User Principal Name for this user and try it instead. In the case of my private subscription, it ended with onmicrosoft.com. If you use the User Principal Name, you should get the results you expect.

CodePudding user response:

The error "Cannot find principle using specified options" usually occurs if you don't have the required privileges.

Make sure to run as an Administrator and log in to Azure AD with Admin credentials.

I tried in my environment and got the same error when the role is missing with an incorrect sign-in name, like below:


Please check whether the role you are trying to remove exists in the scope, like below:

Get-AzRoleAssignment -SignInName "UPN" | FL DisplayName, RoleDefinitionName, Scope
  • Make sure to give the correct UPN (User Principal Name) of the user.

Make use of the above response to run the below command:

Remove-AzRoleAssignment -SignInName "UPN"  -RoleDefinitionName "Storage File Data SMB Share Contributor" -Scope "Your_Scope"

Please recheck the scope you are providing.
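
The check-then-remove sequence from the answers above, as an added example that is not part of either answer. It resolves the UPN to an object ID first and removes by `-ObjectId`, so a bad sign-in name and a wrong scope fail with separate messages; the function name, the UPN and the scope segments in angle brackets are placeholders.

```powershell
# Added example. All values are placeholders, not taken from the page.
$upn      = 'user@contoso.onmicrosoft.com'
$roleName = 'Storage File Data SMB Share Contributor'
$scope    = '/subscriptions/<subscription-id>/resourceGroups/<resource-group>' +
            '/providers/Microsoft.Storage/storageAccounts/<storage-account>'

function Remove-RoleAssignmentByUpn {   # hypothetical helper name
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $UserPrincipalName,
        [Parameter(Mandatory)] [string] $RoleDefinitionName,
        [Parameter(Mandatory)] [string] $Scope
    )

    # 1. Resolve the principal explicitly. This returns nothing when the UPN is
    #    wrong or the identity running the script cannot read the directory.
    $user = Get-AzADUser -UserPrincipalName $UserPrincipalName
    if (-not $user) {
        throw "No Azure AD user with UPN '$UserPrincipalName' is visible to this identity."
    }

    # 2. Get-AzRoleAssignment -Scope also returns assignments inherited from
    #    parent scopes; only one made at exactly $Scope can be removed there.
    $found  = @(Get-AzRoleAssignment -ObjectId $user.Id `
                    -RoleDefinitionName $RoleDefinitionName -Scope $Scope)
    $direct = @($found | Where-Object { $_.Scope -eq $Scope })
    if ($direct.Count -eq 0) {
        $parents = ($found.Scope | Sort-Object -Unique) -join ', '
        throw "No '$RoleDefinitionName' assignment at exactly '$Scope'. Inherited from: $parents"
    }

    # 3. Remove by object ID, so no second sign-in-name lookup is needed.
    if ($PSCmdlet.ShouldProcess($Scope, "Remove '$RoleDefinitionName' from $UserPrincipalName")) {
        Remove-AzRoleAssignment -ObjectId $user.Id `
            -RoleDefinitionName $RoleDefinitionName -Scope $Scope
    }
}

# Dry run first; drop -WhatIf to actually remove the assignment.
Remove-RoleAssignmentByUpn -UserPrincipalName $upn `
    -RoleDefinitionName $roleName -Scope $scope -WhatIf
```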
