You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave comments along the lines of "+1", "me too" or "any updates", they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.
Terraform Version
195
AzureRM Provider Version
4.4.0
Affected Resource(s)/Data Source(s)
azurerm_role_definition
Terraform Configuration Files
NA
Debug Output/Panic Output
NA
Expected Behaviour
Documentation for azurerm_role_definition doesn't show an example of a role being defined at the Management Group scope. Adding an example is important to help inform the users that yes, you can assign a custom role at the management group level and this is how.
resource "azurerm_role_definition" "example" {
name = "example-mg-role"
scope = azurerm_management_group.example.id
description = "Example custom role scoped to a management group."
permissions {
actions = ["Microsoft.Insights/alertRules/*",
]
not_actions = []
}
assignable_scopes = [
azurerm_management_group.example.id
]
}
Update the arguments scope and assignable_scope
Scope:
(Required) The scope at which the Role Definition applies to, such as
Is there an existing issue for this?
Community Note
Terraform Version
195
AzureRM Provider Version
4.4.0
Affected Resource(s)/Data Source(s)
azurerm_role_definition
Terraform Configuration Files
Debug Output/Panic Output
Expected Behaviour
Documentation for
azurerm_role_definition
doesn't show an example of a role being defined at the Management Group scope. Adding an example is important to help inform the users that yes, you can assign a custom role at the management group level and this is how.Update the arguments
scope
andassignable_scope
Scope:
(Required) The scope at which the Role Definition applies to, such as
It is recommended to use the first entry of the assignable_scopes. Changing this forces a new resource to be created.
Assignable_Scopes
(Optional) One or more assignable scopes for this Role Definition, such as
Actual Behaviour
No response
Steps to Reproduce
No response
Important Factoids
No response
References
No response
The text was updated successfully, but these errors were encountered: