microsoft · Prajwal-Microsoft · May 19, 2026 · May 18, 2026 · May 19, 2026
@@ -441,22 +441,22 @@ az role assignment create `
   --scope "/subscriptions/<sub>/resourceGroups/<rg>/providers/Microsoft.Storage/storageAccounts/<storage>"
 ```
 
-### Azure AI User Access Denied
+### Foundry User Access Denied
 
-The local dev script assigns the Azure AI User role automatically. If you still encounter issues, add manually:
+The local dev script assigns the Foundry User role automatically. If you still encounter issues, add manually:
 
 ```bash
 # Linux/macOS
 az role assignment create \
-  --role "Azure AI User" \
+  --role "Foundry User" \
   --assignee $(az ad signed-in-user show --query id -o tsv) \
   --scope /subscriptions/<sub>/resourceGroups/<rg>/providers/Microsoft.CognitiveServices/accounts/<ai-foundry-account>
 ```
 
 ```powershell
 # Windows PowerShell
 az role assignment create `
-  --role "Azure AI User" `
+  --role "Foundry User" `
   --assignee (az ad signed-in-user show --query id -o tsv) `
   --scope "/subscriptions/<sub>/resourceGroups/<rg>/providers/Microsoft.CognitiveServices/accounts/<ai-foundry-account>"
 ```

@@ -618,7 +618,7 @@ module aiFoundryAiServices 'br/public:avm/res/cognitive-services/account:0.14.2'
     }
     roleAssignments: [
       {
-        roleDefinitionIdOrName: '53ca6127-db72-4b80-b1b0-d745d6d5456d' // Azure AI User
+        roleDefinitionIdOrName: '53ca6127-db72-4b80-b1b0-d745d6d5456d' // Foundry User
         principalId: userAssignedIdentity.outputs.principalId
         principalType: 'ServicePrincipal'
       }
@@ -633,7 +633,7 @@ module aiFoundryAiServices 'br/public:avm/res/cognitive-services/account:0.14.2'
         principalType: 'ServicePrincipal'
       }
       {
-        roleDefinitionIdOrName: '53ca6127-db72-4b80-b1b0-d745d6d5456d' // Azure AI User for deployer
+        roleDefinitionIdOrName: '53ca6127-db72-4b80-b1b0-d745d6d5456d' // Foundry User for deployer
         principalId: deployer().objectId
       }
     ]

@@ -658,7 +658,7 @@ module aiFoundryAiServices 'br/public:avm/res/cognitive-services/account:0.14.2'
     }
     roleAssignments: [
       {
-        roleDefinitionIdOrName: '53ca6127-db72-4b80-b1b0-d745d6d5456d' // Azure AI User
+        roleDefinitionIdOrName: '53ca6127-db72-4b80-b1b0-d745d6d5456d' // Foundry User
         principalId: userAssignedIdentity.outputs.principalId
         principalType: 'ServicePrincipal'
       }
@@ -673,7 +673,7 @@ module aiFoundryAiServices 'br/public:avm/res/cognitive-services/account:0.14.2'
         principalType: 'ServicePrincipal'
       }
       {
-        roleDefinitionIdOrName: '53ca6127-db72-4b80-b1b0-d745d6d5456d' // Azure AI User for deployer
+        roleDefinitionIdOrName: '53ca6127-db72-4b80-b1b0-d745d6d5456d' // Foundry User for deployer
         principalId: deployer().objectId
       }
     ]

@@ -23,7 +23,7 @@ param principalType string = 'ServicePrincipal'
 
 // ========== Role Definitions ========== //
 
-// Azure AI User role - for AI Foundry project access (used by AIProjectClient for image generation)
+// Foundry User role - for AI Foundry project access (used by AIProjectClient for image generation)
 resource azureAiUserRole 'Microsoft.Authorization/roleDefinitions@2022-04-01' existing = {
   name: '53ca6127-db72-4b80-b1b0-d745d6d5456d'
 }
@@ -48,7 +48,7 @@ resource existingAiProject 'Microsoft.CognitiveServices/accounts/projects@2025-1
 
 // ========== Role Assignments ========== //
 
-// Azure AI User role assignment - same as reference accelerator
+// Foundry User role assignment - same as reference accelerator
 // Required for AIProjectClient (used for image generation in Foundry mode)
 resource assignAzureAiUserRole 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
   name: guid(existingAiServices.id, principalId, azureAiUserRole.id)

@@ -102,7 +102,7 @@ function Ensure-AzureLogin {
 }
 
 function Ensure-AzureAIUserRole {
-    Write-Info "Checking Azure AI User role..."
+    Write-Info "Checking Foundry User role..."
 
     # Get env vars
     $existingProjectId = $null
@@ -135,15 +135,15 @@ function Ensure-AzureAIUserRole {
     $existing = az role assignment list --assignee $signedUserId --role $roleId --scope $scope --query "[0].id" -o tsv 2>$null
 
     if ($existing) {
-        Write-Success "Azure AI User role already assigned."
+        Write-Success "Foundry User role already assigned."
     } else {
-        Write-Info "Assigning Azure AI User role..."
+        Write-Info "Assigning Foundry User role..."
         az role assignment create --assignee $signedUserId --role $roleId --scope $scope --output none 2>$null
         if ($LASTEXITCODE -ne 0) {
-            Write-Error "Failed to assign Azure AI User role."
+            Write-Error "Failed to assign Foundry User role."
             exit 1
         }
-        Write-Success "Azure AI User role assigned."
+        Write-Success "Foundry User role assigned."
     }
 }
 

@@ -100,7 +100,7 @@ ensure_azure_login() {
 }
 
 ensure_azure_ai_user_role() {
-    print_info "Checking Azure AI User role..."
+    print_info "Checking Foundry User role..."
 
     local existing_project_id=""
     local foundry_resource_id=""
@@ -131,14 +131,14 @@ ensure_azure_ai_user_role() {
     existing=$(MSYS_NO_PATHCONV=1 az role assignment list --assignee "$signed_user_id" --role "$role_id" --scope "$scope" --query "[0].id" -o tsv 2>/dev/null)
 
     if [ -n "$existing" ]; then
-        print_success "Azure AI User role already assigned."
+        print_success "Foundry User role already assigned."
     else
-        print_info "Assigning Azure AI User role..."
+        print_info "Assigning Foundry User role..."
         if ! MSYS_NO_PATHCONV=1 az role assignment create --assignee "$signed_user_id" --role "$role_id" --scope "$scope" --output none 2>/dev/null; then
-            print_error "Failed to assign Azure AI User role."
+            print_error "Failed to assign Foundry User role."
             exit 1
         fi
-        print_success "Azure AI User role assigned."
+        print_success "Foundry User role assigned."
     fi
 }