Azure Service Account
Go to the Azure portal and add permissions to your Azure account. The account for the default subscription will need at least the following permissions:
Contributor
For other subscriptions that are connected to your account, add the following permissions:
Snapshots
Microsoft.Compute/snapshots/read
Microsoft.Compute/snapshots/write
Microsoft.Compute/snapshots/delete
Virtual Machines
Microsoft.Compute/virtualMachines/write
Microsoft.Compute/virtualMachines/delete
Microsoft.Compute/virtualMachines/read
Disks
Microsoft.Compute/disks/read
Microsoft.Compute/disks/write
Microsoft.Compute/disks/delete
Microsoft.Resources/subscriptions/resourceGroups/read
Microsoft.Resources/subscriptions/resourceGroups/write
Microsoft.Resources/subscriptions/resourceGroups/delete
Storage accounts
Microsoft.Storage/storageAccounts/read
Microsoft.Storage/storageAccounts/write
Microsoft.Storage/storageAccounts/delete
Repository Account
Go to the Azure portal and add permissions to your storage account. You will need at least the following permissions:
Microsoft.Storage/storageAccounts/*
Microsoft.Resources/subscriptions/resourceGroups/read