azure-powershell icon indicating copy to clipboard operation
azure-powershell copied to clipboard

Published 20 hours ago verified publisher icon Azure

Get-AzRecoveryServicesBackupRecommendedArchivableRPGroup requires '/action' permission

Open MarcSteene opened this issue 2 years ago • 3 comments

Description

Hi,

I'm attempting to use Get-AzRecoveryServicesBackupRecommendedArchivableRPGroup to get the recovery points recommended for move to archive tier for cost savings. A 'get' or 'read' command like this I'd expect would only require read permissions to retrieve the recovery points, but it requires an action permission meaning the Reader role is insufficient: ‘Microsoft.RecoveryServices/vaults/backupFabrics/protectionContainers/protectedItems/recoveryPointsRecommendedForMove/action‘

This makes things awkward from a reporting perspective as a custom role has to be created or an overprivileged role such as backup operator needs to be assigned.

Script or Debug output

No response

Environment data

No response

Module versions

No response

Error output

No response

MarcSteene avatar May 17 '22 15:05 MarcSteene

Thank you for your feedback. This has been routed to the support team for assistance.

ghost avatar May 18 '22 07:05 ghost

@MarcSteene Thank you for reaching out, we are looking into it.

RakeshMohanMSFT avatar Jun 01 '22 06:06 RakeshMohanMSFT

@MarcSteene do you still experience the issue ?

Daya-Patil avatar Jan 29 '24 03:01 Daya-Patil

Please share debug logs by adding the -Debug parameter to this command and re-open this issue. we can check further on this

hiaga avatar Mar 21 '24 07:03 hiaga