| Source |
Repository Community-Policy GitHub JSON Community-Policy GitHub |
||||||
| Display name | Assign Cross Subscription User-Assigned Managed Identity to Virtual Machines | ||||||
| Id | e2464615-862b-5b44-901b-df87360c25ee | ||||||
| Version | 1.0.0 Details on versioning |
||||||
| Category | Managed Identity Microsoft Learn |
||||||
| Description | Assign User-Assigned Managed Identity that can be located in a different subscription to Virtual Machines. Adapted from built-in /providers/Microsoft.Authorization/policyDefinitions/d367bd60-64ca-4364-98ea-276775bddd94. This policy is meant to be assigned at Management Group Level, otherwise you must assign manualy the permissions (Microsoft.Authorization/locks/write + Microsoft.Resources/deployments/* + */read) to the Policy Managed Idenity on the cross subscription UAMI. | ||||||
| Mode | Indexed | ||||||
| Type | Custom Community | ||||||
| Effect | Default DeployIfNotExists Allowed AuditIfNotExists, DeployIfNotExists, Disabled |
||||||
| RBAC role(s) |
|
||||||
| Rule aliases | |||||||
| Rule resource types | IF (1) Microsoft.Compute/virtualMachines THEN-Deployment (5) Microsoft.Authorization/locks Microsoft.Compute/virtualMachines Microsoft.ManagedIdentity/userAssignedIdentities Microsoft.Resources/deployments Microsoft.Resources/resourceGroups |
||||||
| JSON |
|