This KB is for immediate information as we are updating our documentation.
Currently our doc titled "Create credentials for cloud discovery" on Kingston has a section called "Create credentials for an Azure cloud discovery"
In this section it states "On the Azure portal, the Active Directory administrator or Azure administrator role is required"
This is saying that you need a user with the "Contributor" role. Since our customer have asked, we are allowing a user with the "Reader" role (which has less privileges).
The same holds true for our London doc and version of ServiceNow.