Recently while working in an Azure Data Factory pipeline, I have faced an issue with the following error. I was assigned with the permission Data Factory Contributor at the Data Factory resource.
Error code: OK Inner error code: AuthorizationFailed Message: The client 'firstname.lastname@example.org' with object id '10ee9440-1700-5c5b-fc9a-c35b8e6c1aad' does not have authorization to perform action 'Microsoft.Resources/deployments/write' over scope '/subscriptions/87cd571d-5591-78c-dedf-asfsfg6af981/resourcegroups/rg-adf-dev/providers/Microsoft.Resources/deployments/publishing_12345222' or the scope is invalid. If access was recently granted, please refresh your credentials.
As the error message says, I lack privileges in the resource group level. On checking the Microsoft documentation, I found that I will need Data Factory Contributor privilege at the Resource Group level also, not just at the resource level. All the Data Factory Users need to be assigned with this role at the resource group level where there Data Factory resides.
After adding this permission at the resource group level, the issue was resolved.