Adding the same SPN to hundreds of cloud subscriptions

Aquilino
2021-09-16T15:27:04.143+00:00

I'd like to use the same SPN which has elevated rights on hundreds of independent Azure subscriptions.
Is it possible to take the same SPN and just automatically have it added to every account and any new account that gets created?

Microsoft Defender for Cloud

1 answer

  1. Siva-kumar-selvaraj
    2021-09-20T10:08:37.387+00:00

    Hello @Aquilino ,

    Thanks for reaching out.

    A feasible way in this scenario would be to add all of your Azure subscriptions into a single management group, so that you can manage all existing as well as new subscriptions that are linked to that management group.

    Management groups provide centralized management for resources across subscriptions, and there are other benefits of using management groups; to learn more, refer to the reference below.

    Here is the hierarchy of RBAC role access, so you can assign a role to a specific user, group or service principal at either the management group level, the subscription level or the resource level, as shown below:

    (image: RBAC scope hierarchy)

    Reference:

    Add subscription to Management group

    (image: adding a subscription to a management group)

    Assign role at Management group level

    (image: assigning a role at management group scope)

    Example: Let's say you have 100+ existing subscriptions that are added to a single management group, and the Owner role is assigned to a specific service principal at the management group level. When you go to each subscription, you would see the RBAC role inherited from the management group, as shown below:

    (image: role assignment inherited from the management group)

    Hope this helps.

    ------
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

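The procedure in the answer above (move every subscription under one management group, assign the service principal a role once at that scope, then confirm the assignment is inherited) as an added example script; it is not code from the original Q&A or from Microsoft. It assumes the Az.Accounts and Az.Resources PowerShell modules, an account allowed to manage the management group, and the placeholder names `corp-all-subs` and `central-ops-spn`, all of which are assumptions. Two practitioner caveats are built in: the role defaults to Contributor rather than Owner, since one service principal with Owner on every subscription is a single credential that can grant itself or others access everywhere, and the script checks for an existing assignment before creating another. For subscriptions created later, the tenant's "Default management group" setting under management group settings decides where they land; point it at the same group so they inherit the assignment too.

```powershell
# Added example (not from the original Q&A): put every subscription under one
# management group and give one service principal a role there once, so the
# assignment is inherited by every current and future child subscription.
# Requires the Az.Accounts and Az.Resources modules. The default values below
# are assumptions for illustration.
param(
    [string]$ManagementGroupId = 'corp-all-subs',   # assumed management group ID (not the display name)
    [string]$SpnDisplayName    = 'central-ops-spn', # assumed service principal display name
    [string]$RoleName          = 'Contributor'      # least privilege: avoid Owner unless it is really needed
)

Connect-AzAccount | Out-Null

# Scope string for a management-group-level role assignment
$mgScope = "/providers/Microsoft.Management/managementGroups/$ManagementGroupId"

# 1. Move every enabled subscription the signed-in account can see into the group.
#    A subscription sits under exactly one management group, so this re-parents it.
$subs = Get-AzSubscription | Where-Object { $_.State -eq 'Enabled' }
foreach ($sub in $subs) {
    Write-Host "Adding subscription $($sub.Name) ($($sub.Id)) to $ManagementGroupId"
    New-AzManagementGroupSubscription -GroupName $ManagementGroupId -SubscriptionId $sub.Id
}

# 2. Assign the role to the service principal once, at management-group scope.
#    -ObjectId takes the service principal's object ID, not the application (client) ID.
$spn = Get-AzADServicePrincipal -DisplayName $SpnDisplayName
if (-not $spn) { throw "Service principal '$SpnDisplayName' not found" }

$existing = Get-AzRoleAssignment -ObjectId $spn.Id -Scope $mgScope -RoleDefinitionName $RoleName |
            Where-Object { $_.Scope -eq $mgScope }
if ($existing) {
    Write-Host "Assignment of '$RoleName' at $mgScope already exists; nothing to do"
} else {
    New-AzRoleAssignment -ObjectId $spn.Id -RoleDefinitionName $RoleName -Scope $mgScope | Out-Null
    Write-Host "Assigned '$RoleName' to $SpnDisplayName at $mgScope"
}

# 3. Verify from inside each subscription: the assignment should show up with the
#    management-group scope, i.e. inherited rather than created per subscription.
foreach ($sub in $subs) {
    Set-AzContext -SubscriptionId $sub.Id | Out-Null
    $inherited = Get-AzRoleAssignment -ObjectId $spn.Id -RoleDefinitionName $RoleName |
                 Where-Object { $_.Scope -eq $mgScope }
    $status = if ($inherited) { 'inherited from management group' } else { 'MISSING' }
    Write-Host ("{0,-40} {1}" -f $sub.Name, $status)
}
```

Run it once from an account that has the management group's User Access Administrator or Owner rights. The verification loop is the part worth keeping as a periodic check: a subscription that reports MISSING has either been moved out of the group or had the inherited assignment masked by a deny assignment, both of which are worth investigating rather than fixing by adding a direct Owner assignment on that subscription.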