Below errors occur when executing a DevOps pipeline using Yaml AzureCLI@2 task.
- ERROR: Insufficient privileges to complete the operation.
- ERROR: argument --assignee-object-id: expected one argument
- task: AzureCLI@2
  displayName: 'Assign role "Storage Blob Data Contributor" to the task-poll-queued-compliance-jobs1-<env> logic app'
  inputs:
    azureSubscription: ${{ parameters.connectionName }}
    scriptLocation: 'inlineScript'
    scriptType: 'pscore'
    inlineScript: '$assigneeId = (az ad sp list --all --filter "servicePrincipalType eq ''ManagedIdentity'' and displayName eq ''<logic app name>''" | ConvertFrom-Json | select -ExpandProperty id);az role assignment create --role "Storage Blob Data Contributor" --assignee-object-id $assigneeId --scope "/subscriptions/<subscriptionId>/resourceGroups/<resource group>/providers/Microsoft.Storage/storageAccounts/<storageaccount>"'
I have tried the following to diagnose and fix the issue.
- I have hard coded the $assigneeId value in the YAML and executed the pipeline successfully, e.g.:
  az role assignment create --role "Storage Blob Data Contributor" --assignee-object-id "" --scope "/subscriptions//resourceGroups//providers/Microsoft.Storage/storageAccounts/"'
- On failed pipeline runs I am able to copy the inline script to be executed from the pipeline logs and run it in an Azure Cloud Shell with no issues.
- I tried giving the App Registration that the pipeline uses to connect to Azure the Owner role on the resource group, but this also did not fix the issue.
Root Cause
According to the current info, the App Registration used in your service connection doesn't have enough permission to list SPs.
Solution
Option 1: Assign the App Registration used in your service connection the 'Application Administrator' role of your Azure tenant.
Option 2: Assign the App Registration used in your service connection the API permission Application.Read.All.
Go to your App Registration -> API permissions -> Add a permission -> Microsoft Graph -> Application permissions -> Application -> Application.Read.All -> Grant admin consent for your tenant.
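A defensive version of the inline script from the question, written as an added example (it is not code from the question or the answer): it checks the exit code of the service-principal lookup and refuses to run the role assignment unless exactly one object id came back, so a Graph permission failure stops the step with a clear message instead of surfacing as "expected one argument". The angle-bracket placeholders are assumed, as in the question.

```powershell
# Added example, not from the original post. Placeholders in <angle brackets>
# are assumed values to be filled in for the target environment.
$logicAppName = '<logic app name>'
$scope = '/subscriptions/<subscriptionId>/resourceGroups/<resource group>/providers/Microsoft.Storage/storageAccounts/<storageaccount>'

# Listing service principals goes through Microsoft Graph. Without Application.Read.All
# (or the Application Administrator role) the service connection's identity gets
# "Insufficient privileges" here and the lookup returns nothing.
$filter = "servicePrincipalType eq 'ManagedIdentity' and displayName eq '$logicAppName'"
$ids = @(az ad sp list --all --filter $filter --query '[].id' -o tsv)
if ($LASTEXITCODE -ne 0) {
    throw "az ad sp list failed (exit $LASTEXITCODE). Check that the service connection's App Registration holds the Application.Read.All Graph permission with admin consent."
}

# Refuse to continue unless exactly one principal matched. An empty $assigneeId expands to
# no value at all, which is what makes az report "expected one argument".
if ($ids.Count -ne 1 -or [string]::IsNullOrWhiteSpace($ids[0])) {
    throw "Expected exactly one managed identity named '$logicAppName', found $($ids.Count)."
}
$assigneeId = $ids[0].Trim()

# Passing the principal type lets az skip resolving it through Graph.
az role assignment create `
    --role 'Storage Blob Data Contributor' `
    --assignee-object-id $assigneeId `
    --assignee-principal-type ServicePrincipal `
    --scope $scope
if ($LASTEXITCODE -ne 0) {
    throw "Role assignment failed (exit $LASTEXITCODE)."
}
```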