The Azure REST API is well documented and thanks to the REST API browser you can quickly try something out. However, there are moments in the Azure portal that lead to puzzled faces and in these cases the “Developer tools” of your favorite browser help to shed light into the dark. The scenario A user with “Read Only” rights on the subscription should be able to see if and where a virtual machine is backed up.

Anyone who uses groups to assign permissions knows the problem. After the assignment to a new group, this right is not immediately effective. The tip is then usually to re-login. However, if a server is authorized e.g. to a certificate via a group membership, this means a restart of the server. However, the correct solution is much simpler: deleting the Kerberos ticket and removing the cache entries from the certificate store.

Info Sorry, but all older blod entries are only available in german. I try to translate those which might be still relevant one at a time, but if you are interesent in all blog entries, change the language to german and use Deepl or Google translate in the meantime.