We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
For the policy definition policyDefinitions/General/deploy-resource-lock-on-rgs-tag-exclusion/azurepolicy.json, is the role defintion correct?
policyDefinitions/General/deploy-resource-lock-on-rgs-tag-exclusion/azurepolicy.json
In the code, it has:
"/providers/Microsoft.Authorization/roleDefinitions/35b50af1-b556-492f-8595-cbf5cb531055"
But I cannot see any built-in role (https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles) with the role Id of 35b50af1-b556-492f-8595-cbf5cb531055.
35b50af1-b556-492f-8595-cbf5cb531055
Assuming this code is sourced from https://github.com/grabery/graber.cloud-azure-templates/blob/main/gov/policies/audit-and-deploy-resource-lock/azdeploy.json, then that definition uses a role Id of 8e3af657-a8ff-443c-a75c-2fe8c4bcb635, i.e. Owner.
8e3af657-a8ff-443c-a75c-2fe8c4bcb635
The text was updated successfully, but these errors were encountered:
@kamfaima thanks for letting us know
Sorry, something went wrong.
Merge pull request #413 from Azure/fix/#412-incorrect-role-definition
50eb124
Fix/#412 incorrect role definition & change evaluationDelay to AfterProvisioning
Successfully merging a pull request may close this issue.
For the policy definition
policyDefinitions/General/deploy-resource-lock-on-rgs-tag-exclusion/azurepolicy.json
, is the role defintion correct?In the code, it has:
But I cannot see any built-in role (https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles) with the role Id of
35b50af1-b556-492f-8595-cbf5cb531055
.Assuming this code is sourced from https://github.com/grabery/graber.cloud-azure-templates/blob/main/gov/policies/audit-and-deploy-resource-lock/azdeploy.json, then that definition uses a role Id of
8e3af657-a8ff-443c-a75c-2fe8c4bcb635
, i.e. Owner.The text was updated successfully, but these errors were encountered: