question

SamDC-7317 avatar image
0 Votes"
SamDC-7317 asked SamSwaminathan-3965 answered

LightHouse Issue

Hello - need help on Azure Light House..
1) I have a Account A with tenant ID: 04a96f6f-259e-4135-891f-bcd684f5d83f

2) I created an User on Account A with "reader" role (Azure Role)

3) I have another Account B, with another subscription, which I want to be managed by Account A (at subscription level)

4) Used "delegatedResourceManagement.json" Template
In Parameters file, I have added:
a) Account A's tenant ID
b) Object ID for the User created in step #2 (principal ID)
c) ObjectID of the Role ("Reader" Role) - (roleDefinitionID)

5) Ran the template using CLI/SHELL on Account B (az deployment sub create...), ran successfully without the errors.

RESULTs:
a) On Acccount B, MSP is visible in the Service Providers section, shows "Subscription 1" under delegation
b) However, dont see any updates on Account A --> Mycustomers

What is missing OR am I doing wrong ?

azure-lighthouse
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

SamSwaminathan-3965 avatar image
1 Vote"
SamSwaminathan-3965 answered

I figured out the issue quickly after I posted above...
I had to login as the user who has been delegated..I was logged in another user with the contributor (AD role) assuming that would show everything. This is a good control.
This enablement thru ARM Template works like charm...same template and command can be easily applied to multiple clients

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.