I need to create a managed identity with the Storage Blob Data Contributor for a storage account. This template fails with
Deployment failed. Correlation ID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx. {
"error": {
"code": "PrincipalNotFound",
"message": "Principal xxxxxxxxxxx does not exist in the directory xxxxx-xxxx-xxxx-xxxx-xxxxxxxx."
}
}
Adding
principalType
per the documentation here fixed the problem.https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-template#new-service-principal