Share via

Cannot assign myself owner to Subscription/Key Vault

James Wilson 0 Reputation points
2025-04-26T05:53:15.9266667+00:00

I had duplicate Owner roles on Key Vault - which I believed was causing an issue. Deleted roles then tried to re-provision, now being told that I don't have authority to do that, and noticed I cannot add myself (in IAM) as Owner of the Subscription.

Any help appreciated.

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,416 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. TP 118.5K Reputation points
    2025-04-26T05:59:42.1833333+00:00

    Hi James,

    I'm assuming you are Global Administrator in your Entra ID tenant. If my assumption is correct, please follow instructions in article below to elevate access:

    Elevate access for a Global Administrator

    https://learn.microsoft.com/en-us/azure/role-based-access-control/elevate-access-global-admin?tabs=azure-portal%2Centra-audit-logs#perform-steps-at-root-scope

    Once your user has elevated access, sign out and sign-in again for the change to take effect.

    Next navigate to subscription in Azure portal, then on left click Access control (IAM) blade.

    Click Add -- Add role assignment, next click Privileged administrator roles tab, select Owner, click Next, click Select members, search for and Select your account, click Next, on Conditions tab select Allow user to assign all roles (highly privileged), click Review + assign, Review + assign.

    After you are finished please remember to toggle the elevated access back to off.

    Please reply back here with your results, whether positive or negative.

    Please click Accept Answer and upvote if the above was helpful.

    Thanks.

    -TP

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.