| Source |
Repository Community-Policy GitHub JSON Community-Policy GitHub |
||||||
| Display name | Assign Cross Subscription User-Assigned Managed Identity to Virtual Machine Scale Set | ||||||
| Id | 7a38a53e-958c-50af-acca-fe2785e0cf7c | ||||||
| Version | 1.0.0 Details on versioning |
||||||
| Category | Managed Identity Microsoft Learn |
||||||
| Description | Assign User-Assigned Managed Identity that can be located in a different subscription to Virtual Machine Scale Set. Adapted from built-in /providers/Microsoft.Authorization/policyDefinitions/516187d4-ef64-4a1b-ad6b-a7348502976c. This policy is meant to be assigned at Management Group Level, otherwise you must assign manualy the permissions (Microsoft.Authorization/locks/write + Microsoft.Resources/deployments/* + */read) to the Policy Managed Idenity on the cross subscription UAMI. | ||||||
| Mode | Indexed | ||||||
| Type | Custom Community | ||||||
| Effect | Default DeployIfNotExists Allowed AuditIfNotExists, DeployIfNotExists, Disabled |
||||||
| RBAC role(s) |
|
||||||
| Rule aliases | |||||||
| Rule resource types | IF (1) Microsoft.Compute/virtualMachineScaleSets THEN-Deployment (5) Microsoft.Authorization/locks Microsoft.Compute/virtualMachineScaleSets Microsoft.ManagedIdentity/userAssignedIdentities Microsoft.Resources/deployments Microsoft.Resources/resourceGroups |
||||||
| JSON |
|