Background
I want to give an application ownership of several of my Azure Service Bus queues ... specifically, by granting it the Azure Service Bus Data Owner role.
The Azure Service Bus documentation says this is possible:
Azure Service Bus supports using Azure Active Directory (Azure AD) to authorize requests to Service Bus entities (queues, topics, subscriptions, or filters). With Azure AD, you can use role-based access control (RBAC) to grant permissions to a security principal, which may be a user, group, or application service principal [my emphasis].
(Source)
However, I can't find a way to do it.
What I've Tried
- Registered the application in Azure AD.
- Granted the application the
user_impersonation
permission onMicrosoft.ServiceBus
. (Application permissions
is disabled [1], so I selectedDelegated permissions
and checkeduser_impersonation
[2]. No idea if that's right. I posted another question a while ago aboutApplication permissions
being disabled, but the accepted answer of editing the manifest doesn't work in this case.) - In my Service Bus queue, selected
Role assignments
. - Clicked
Add
. - Searched for my application.
Issue
My application doesn't appear in the search results in Role assignments
.