Hello,
I created a Lighthouse offer with Reader, Virtual Machine Contributor as well as other related Contributor roles and Delete Offer roles (see below). After onboarding, when I attempt to create new Virtual Machine via the Provider tennant, I get a permission error like so:
What exactly am I missing? The Service Provider user account is in the group that was associated in the offer, it is also the administrator. So it must be a Role I am missing? My goal is to build an offer that will allow full VM management. Thanks.
These are the roles, I think I might need also to add some Storage and Networking roles:
[
{
"principalId": "67e78b19-6609-4ca8-aaf2-f0a26626ea05",
"roleDefinitionId": "acdd72a7-3385-48ef-bd42-f606fba81ae7",
"principalIdDisplayName": "Read Any Resource"
},
{
"principalId": "67e78b19-6609-4ca8-aaf2-f0a26626ea05",
"roleDefinitionId": "91c1777a-f3dc-4fae-b103-61d183457e46",
"principalIdDisplayName": "Unregister MSP"
},
{
"principalId": "67e78b19-6609-4ca8-aaf2-f0a26626ea05",
"roleDefinitionId": "9980e02c-c2be-4d73-94e8-173b1dc7cf3c",
"principalIdDisplayName": "Manage Virtual Machines"
},
{
"principalId": "67e78b19-6609-4ca8-aaf2-f0a26626ea05",
"roleDefinitionId": "4d97b98b-1d4f-4787-a291-c67834d212e7",
"principalIdDisplayName": "Manage Networks"
},
{
"principalId": "67e78b19-6609-4ca8-aaf2-f0a26626ea05",
"roleDefinitionId": "ec156ff8-a8d1-4d15-830c-5b80698ca432",
"principalIdDisplayName": "Manage CDN profiles"
},
{
"principalId": "67e78b19-6609-4ca8-aaf2-f0a26626ea05",
"roleDefinitionId": "befefa01-2a29-4197-83a8-272ff33ce314",
"principalIdDisplayName": "Manage DNS Zones"
},
{
"principalId": "67e78b19-6609-4ca8-aaf2-f0a26626ea05",
"roleDefinitionId": "5e467623-bb1f-42f4-a55d-6e525e11384b",
"principalIdDisplayName": "Manage Storage Backups"
},
{
"principalId": "67e78b19-6609-4ca8-aaf2-f0a26626ea05",
"roleDefinitionId": "add466c9-e687-43fc-8d98-dfcf8d720be5",
"principalIdDisplayName": "Manage Data Box Service"
},
{
"principalId": "67e78b19-6609-4ca8-aaf2-f0a26626ea05",
"roleDefinitionId": "17d1049b-9a84-46fb-8f53-869881c3d3ab",
"principalIdDisplayName": "Manage Storage Account"
},
{
"principalId": "67e78b19-6609-4ca8-aaf2-f0a26626ea05",
"roleDefinitionId": "e5e2a7ff-d759-4cd2-bb51-3152d37e2eb1",
"principalIdDisplayName": "Manage Storage Backup Account"
}
]