![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 60%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Azure Cost Management
A Microsoft offering that enables tracking of cloud usage and expenditures for Azure and other cloud providers.
2,778 questions
@raj Sorry for the painful experience!The issue you're encountering is related to permissions after you moved your Azure subscription between tenants and directories. When you move a subscription between tenants or directories, it can cause changes to the role assignments and permissions associated with that subscription. Specifically, the permissions tied to your user account might have been affected, and you could have lost certain privileges, such as creating resources or managing role assignments.
Verify your role: You need to be assigned a role with sufficient permissions, such as Owner, Contributor, or User Access Administrator.
- To check your roles:
- Navigate to Azure Portal.
- Go to Subscriptions.
- Select the subscription in question.
- Under Access control (IAM), look for your user and verify if you have the necessary permissions (Owner or Contributor). If you do not have these roles, you won't be able to create resources or perform other administrative tasks.
If someone else has access to the subscription, ask them to reassign roles (such as Owner or Contributor) to your user account.
The Directory Administrator or someone with Global Admin or Owner privileges in the Azure Active Directory of the current directory (tenant) should be able to grant you proper permissions.
If you are the only global admin on the account and are blocked entirely, you can reach out to our support team. You can look into below article to get support numbers depending on your country.
or creating a ticket through a different account: https://learn.microsoft.com/en-us/microsoft-365/admin/get-help-support?view=o365-worldwide#phone-support
While creating a ticket with Microsoft support team. Give them the tenant ID which is locked out in your description. Tell them that no admin account has access anymore and your partners also have no access anymore.
Once you create a ticket with support team you will have to work with our data protection team. You will have to first prove your identity against your tenant for security purpose. Post that this team will help you with help you in getting access to your tenant or unlock your account depending on your scenario.
Also, for the future, you can create an emergency access account (break glass) in Azure AD. This account will help prevent being accidentally locked out of your Azure Active Directory (Azure AD) organization because you can't sign in for any reason.
https://docs.microsoft.com/en-us/azure/active-directory/roles/security-emergency-access
Hope this helps. Please tag me in your reply if you have any concerns or need further assistance.
If the response helped, do "Accept Answer" and up-vote it
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 24%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAA%3C/text%3E%3C/svg%3E)