Reputation: 337
As I understand it, when roles are created in Azure, they are only available in the assignable scope they are defined with. When in a new subscription, I would not be able to call the role or assign it.
If I were to create a new role in the current subscription with the same name, it would throw an error as the role already exists.
Is there a way around this?
Upvotes: 0
Views: 206
Reputation: 72151
So, I don't think you are correct.
"Custom roles are stored in an Azure AD tenant and can be shared across all subscriptions that use that tenant as the Azure AD directory for the subscription."
So you can assign that role across all subscriptions a tenant has. So effectively that means you don't have to recreate your role for every subscription your tenant has. And if subscriptions are assigned to a different tenant, you can create custom roles with the same name for each of those.
https://learn.microsoft.com/en-us/azure/active-directory/role-based-access-control-custom-roles
Upvotes: 0
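An added example, not part of the question or the answer above: a custom role can only be assigned at scopes listed in its `AssignableScopes`, so an existing role is made usable in a new subscription by extending that list instead of creating a second role with the same name. The role name, subscription IDs and function names below are constructed for illustration; the JSON layout is the one Azure documents for custom role definitions.

```python
import copy
import json
import uuid

# Constructed sample role definition (not a real role or subscription).
SAMPLE_ROLE = {
    "Name": "VM Restart Operator (example)",
    "IsCustom": True,
    "Description": "Constructed sample role for this example.",
    "Actions": ["Microsoft.Compute/virtualMachines/restart/action"],
    "NotActions": [],
    "AssignableScopes": ["/subscriptions/11111111-1111-1111-1111-111111111111"],
}


def subscription_scope(subscription_id: str) -> str:
    """Return the canonical scope string; raises ValueError unless given a GUID."""
    return f"/subscriptions/{uuid.UUID(subscription_id)}"


def add_subscription(role: dict, subscription_id: str) -> dict:
    """Return a copy of `role` that is also assignable in `subscription_id`."""
    if not role.get("IsCustom"):
        # Built-in role definitions cannot be edited.
        raise ValueError("only custom roles can have their scopes edited")
    new_scope = subscription_scope(subscription_id)
    updated = copy.deepcopy(role)  # leave the caller's definition untouched
    scopes = updated.setdefault("AssignableScopes", [])
    # Compare case-insensitively and ignore trailing slashes so that
    # re-running the update never adds the same scope twice.
    present = {s.rstrip("/").lower() for s in scopes}
    if new_scope.lower() not in present:
        scopes.append(new_scope)
    return updated


if __name__ == "__main__":
    result = add_subscription(SAMPLE_ROLE, "22222222-2222-2222-2222-222222222222")
    # Save this output to a file and pass it to
    # `az role definition update --role-definition <file>`.
    print(json.dumps(result, indent=2))
```

Review the resulting scope list before uploading it: every scope added widens where the role's actions can be granted.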