Skip to main content

I tried creating both an Azure VNET an Aviatrix gateway from CoPilot, but they both failed with the following error:

[AVXERR-RBAC-0024] User does not have access to account MY_AZURE_SUBSCRIPTION to perform the current action 

 

Note that both actions succeded if performed from the controller.

The servce account I’m using for copilot is named SVC_CoPilot_usr, is part of the SVC_CoPilot permission group, which has “all_write” permissions.

Hey Bigo, 

This looks like there might a mismatch on the user that you are using on CoPilot and the one you are using on the Controller. 

Would you be able to confirm that you are logging into the controller and CoPilot with the same username and password? 

A quick way to make sure is instead of logging directly into CoPilot you could try logging into the controller first and in the top right corner click the application logo, this will give you a quick link to CoPilot! 
 



If you are already using the same username/password, they should have access to the same permissions so you might need to look into opening a ticket with our support team to make sure that CoPilot has the same access as the controller does! 
 

I hope this helps! 

To contact support you can use this link: https://support.aviatrix.com/


Hi @Josh ,

 

thanks for your support.

I was a bit confused  because I was logged in with the same username/password (admin), but I was using a different account as service account (SVC_CoPilot_usr). In the documentation (point 6) there is no mention on what account to use.

Is it then mandatory to use as service account the same account used for logging in to CoPilot?

Indeed, after replacing SVC_CoPilot_usr with admin in Configuration > General >Service Account, the issue was solved, and I was able tocreate both VNET and Gateways.

 

 


Reply