How to fix Access to appconfig was denied. Please ensure the required role assignment is made for the identity running this task.

Michael Agbogidi 25 Reputation points
2024-10-03T09:23:53.8866667+00:00

The client secret key of an app on azure portal expired and was renewed. The service connection from azure devops to the azure portal was also recreated. The creator of the service connection is having the owner role as well as the App Configuration Data Reader role. But when we try to raise a PR on azure devops, the build pipeline fails at the stage of fetch config with the error below:

Access to 'https://dms-dev-app-config.azconfig.io/kv?key=ConnectionStrings%3AAppConfig&label=%00&api-version=1.0' was denied. Please ensure the required role assignment is made for the identity running this task.

Can't figure out what the issue is since the expected roles have already been assigned.

Any help would be greatly appreciated.

Thanks in advance.

Azure App Configuration
Azure App Configuration
An Azure service that provides hosted, universal storage for Azure app configurations.
240 questions
0 comments No comments
{count} votes

Accepted answer
  1. LeelaRajeshSayana-MSFT 16,786 Reputation points
    2024-10-04T21:28:34.7766667+00:00

    Hi @Michael Agbogidi I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others ", I'll repost your solution in case you'd like to accept the answer .

    Error Message:

    Access to 'https://dms-dev-app-config.azconfig.io/kv?key=ConnectionStrings%3AAppConfig&label=%00&api-version=1.0' was denied. Please ensure the required role assignment is made for the identity running this task.

    Issue:

    Service connection from Azure Devops to the portal failed after key renewal even after confirming that the creator of the service connection has the owner role as well as the App Configuration Data Reader role.

    Solution:

    Assigning App Configuration Data Reader Role to the app helped resolve the issue.

    If I missed anything please let me know and I'd be happy to add it to my answer, or feel free to comment below with any additional information.

    I hope this helps!

    If you have any other questions, please let me know. Thank you again for your time and patience throughout this issue.

    1 person found this answer helpful.
    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Michael Agbogidi 25 Reputation points
    2024-10-04T10:06:17.8766667+00:00

    I needed to assign App Configuration Data Reader Role to the app itself. This resolved the issue.

    1 person found this answer helpful.
    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.