CPM installation on Azure fails with error: Could not create disk in location us-east Reason: (Authorization Failure) The client does not have authorization to perform action Microsoft.Compute/disks/write over scope.
CPM for Azure installation may receive the error Could not create disk in location us-east Reason: (Authorization Failure) The client does not have authorization to perform action Microsoft.Compute/disks/write over scope.
This is caused by not attaching the Role to the CPM Virtual Machine in Azure.
If you download the installation logs and review the cpm_config.log it shows the error as well.
2023-05-08 11:20:10,383:[140406230574848] ERROR: create_and_or_attach_data_disk(config_applier.py:124) create_and_or_attach_data_disk() - failed: Could not create disk in location: eastus. Reason: (AuthorizationFailed) The client 'c0b13c7c-2934-4de8-b3fb-############' with object id 'c0b13c7c-2934-4de8-b3fb-############' does not have authorization to perform action 'Microsoft.Compute/disks/write' over scope '/subscriptions/d6dd327c-297b-############/resourceGroups/cpm-joe_group_05081109/providers/Microsoft.Compute/disks/n2ws-data-disk-2023-05-08-16-20-10' or the scope is invalid. If access was recently granted, please refresh your credentials.
Code: AuthorizationFailed
Message: The client 'c0b13c7c-2934-4de8-b3fb-7e7b6b0fa895' with object id 'c0b13c7c-2934-4de8-############' does not have authorization to perform action 'Microsoft.Compute/disks/write' over scope '/subscriptions/d6dd327c-297b-############/resourceGroups/cpm-joe_group_05081109/providers/Microsoft.Compute/disks/n2ws-data-disk-2023-05-08-16-20-10' or the scope is invalid. If access was recently granted, please refresh your credentials.
To Resolve this issue please go to the Azure Portal and do the following:
Browse to Virtual Machines and click on the CPM Virtual Machine. In this example its name is cpm-joe.
Select Identity under the Virtual Machine and the choose system assigned, Click on the Azure Role Assignments button.
Please then select under the Scope drop down Subscription. Please make sure that in the Subscription drop down menu you select the correct Subscription. Browse under the Role and add the Role for this managed identity. Click Save.
Then in the CPM install screen hit f5 to go through the CPM configuration and it should configure successfully.
Related Articles
How to setup CPM on AWS to backup Azure virtual machines and disks.
This article will show the configuration steps required to have CPM running on AWS backup and restore Azure virtual machines and disks. Part I Add an App registration in Azure. 1. Open the Azure portal and go to Azure Active Directory, then click on ...Patch installation fails with Internal Server Error
Issue: Patch installation fails with this error in the UI Solution: 1. Connect to the N2WS server via SSH, username is cpmuser and your selected keyPair 2. Run the following command sudo grep PrivateTmp /lib/systemd/system/apache2.service 3. If ...Release notes for the latest v4.2.x CPM release
First time Installing? Watch the Install and Configure N2WS Backup & Recovery video tutorial AMI upgrade is available from 2.6.0 and above to 4.2.2 KB article: AMI upgrade directions Patch upgrade is available from 4.2.0/4.2.1 to 4.2.2. KB article: ...Error: "Security type of VM is not compatible with the security type of attached OS Disk." During Recovery in Azure
When performing a recovery of a VM In Azure, you may face the following Error in the CPM UI: "Security type of VM is not compatible with the security type of attached OS Disk." Also the logs will show the following error: "Failed creating virtual ...How to create and configure an EBS Endpoint for CPM Workers
This article will provide step-by-step instructions on how to create and configure an EBS Endpoint for CPM workers (v3.1 and up) Step 1: Let's say that you have created this VPC for your workers: In this example, we allocated IPv4 addresses ...