Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix/#412 incorrect role definition & change evaluationDelay to AfterProvisioning #413

Merged
merged 3 commits into from
Jan 17, 2024

Conversation

aschabus
Copy link
Collaborator

No description provided.

to allow creation of management lock.
This change is needed as per Microsoft's documentation that states the
Owner built-in role is needed to create a management lock.
For more info, refer:
https://learn.microsoft.com/en-us/answers/questions/1281990/can-a-contributor-create-a-lock-on-resource-group
The policy evaluation has been set to run after the provisioning instead of waiting for 10 minutes.
For more information, refer to:
https://learn.microsoft.com/en-us/azure/governance/policy/concepts/effects#deployifnotexists
based on a GH comment, to make it clearer
@aschabus aschabus merged commit 50eb124 into main Jan 17, 2024
2 checks passed
@aschabus aschabus deleted the fix/#412-incorrect-role-definition branch January 17, 2024 14:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Incorerct role definition ID for policy "Deploy Resource Lock on RGs - tag exclusion"?
2 participants