Create a management group

I want to create a management group via Terraform, but I always get this error:

Error: Error checking for presence of existing Management Group “44e31673-2f5b-4215-ac95-e44989bd79b1”: managementgroups.Client#Get: Failure responding to request: StatusCode=403
– Original Error: autorest/azure: Service returned an error. Status=403 Code=“AuthorizationFailed” Message=“The client x with object id x does not have authorization to perform action ‘Microsoft.Management/managementGroups/read’ over scope ‘/providers/Microsoft.Management/managementGroups/44e31673-2f5b-4215-ac95-e44989bd79b1’ or the scope is invalid. If access was recently granted, please refresh your credentials.”

But my service principal (Azure AD App) is owner in the Tenant Root Group? What authorizations does the service principal need?

The Management Group “44e31673-2f5b-4215-ac95-e44989bd79b1” does not yet exist and the ID was created by Terraform.

Can you help me with this topic?

Hi Reto

It seems like a bug introduced with the new Terraform provider in version 2. It works with version 1.44.0 ;)



I am getting the same error in the 2.8.0 version of the azurerm provider.

It only required the Management Group Contributor. I have my service principal added to it, but still no luck.