diff --git a/infra/modules/role.bicep b/infra/modules/role.bicep index f700f092f..ba07c0aed 100644 --- a/infra/modules/role.bicep +++ b/infra/modules/role.bicep @@ -29,6 +29,7 @@ resource aiUserAccessFoundry 'Microsoft.Authorization/roleAssignments@2022-04-01 properties: { roleDefinitionId: aiUser.id principalId: principalId + principalType: 'ServicePrincipal' } } @@ -38,6 +39,7 @@ resource aiDeveloperAccessFoundry 'Microsoft.Authorization/roleAssignments@2022- properties: { roleDefinitionId: aiDeveloper.id principalId: principalId + principalType: 'ServicePrincipal' } } @@ -47,5 +49,6 @@ resource cognitiveServiceOpenAIUserAccessFoundry 'Microsoft.Authorization/roleAs properties: { roleDefinitionId: cognitiveServiceOpenAIUser.id principalId: principalId + principalType: 'ServicePrincipal' } } diff --git a/infra/old/deploy_ai_foundry.bicep b/infra/old/deploy_ai_foundry.bicep index 11b40bf0e..9f29af124 100644 --- a/infra/old/deploy_ai_foundry.bicep +++ b/infra/old/deploy_ai_foundry.bicep @@ -169,6 +169,7 @@ resource aiDevelopertoAIProject 'Microsoft.Authorization/roleAssignments@2022-04 properties: { roleDefinitionId: aiDeveloper.id principalId: aiHubProject.identity.principalId + principalType: 'ServicePrincipal' } } diff --git a/infra/old/main.bicep b/infra/old/main.bicep index 661973ff8..c84added1 100644 --- a/infra/old/main.bicep +++ b/infra/old/main.bicep @@ -680,6 +680,7 @@ module aiFoundryStorageAccount 'br/public:avm/res/storage/storage-account:0.18.2 { principalId: userAssignedIdentity.outputs.principalId roleDefinitionIdOrName: 'Storage Blob Data Contributor' + principalType: 'ServicePrincipal' } ] } @@ -760,6 +761,7 @@ module aiFoundryAiProject 'br/public:avm/res/machine-learning-services/workspace principalId: containerApp.outputs.?systemAssignedMIPrincipalId! // Assigning the role with the role name instead of the role ID freezes the deployment at this point roleDefinitionIdOrName: '64702f94-c441-49e6-a78b-ef80e0188fee' //'Azure AI Developer' + principalType: 'ServicePrincipal' } ] }