Pedro Paulo
Reputation: 103
How to move subscription under management group using ARM templates?
How can I move a subscription under a management group via an ARM template? This should be possible via the following resource provider: Microsoft.Management managementGroups/subscriptions template reference
I tried to define the subscription child resource in two ways but both deployments are failing with the same error: 'error': {'code': 'InternalServerError', 'message': "(...) 500 - Internal server error. There is a problem with the resource you are looking for, and it cannot be displayed. (...)" } }.
Option 1:
{
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/managementGroupDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"managementGroupName": {
"type": "String",
"metadata": {
"description": "The management group to be configured"
}
},
"childSubscription": {
"type": "String",
"metadata": {
"description": "The list of child subscription IDs of the management group"
}
}
},
"variables": {},
"functions": [],
"resources": [
{
"type": "Microsoft.Management/managementGroups",
"apiVersion": "2019-11-01",
"name": "[parameters('managementGroupName')]",
"resources": [
{
"type": "subscriptions",
"apiVersion": "2020-05-01",
"name": "[parameters('childSubscription')]",
"dependsOn": [
"[parameters('managementGroupName')]"
]
}
]
}
],
"outputs": {}
}
Option 2:
{
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/managementGroupDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"managementGroupName": {
"type": "String",
"metadata": {
"description": "The management group to be configured"
}
},
"childSubscription": {
"type": "String",
"metadata": {
"description": "The list of child subscription IDs of the management group"
}
}
},
"variables": {},
"functions": [],
"resources": [
{
"type": "Microsoft.Management/managementGroups/subscriptions",
"apiVersion": "2020-05-01",
"name": "[concat(parameters('managementGroupName'), '/', parameters('childSubscription'))]"
}
],
"outputs": {}
}
Upvotes: 0
Views: 856
Answers (1)
Pedro Paulo
Reputation: 103
The deployment must be done at tenant level instead of management group level. The resource definition then becomes:
{
"type": "Microsoft.Management/managementGroups",
"apiVersion": "2019-11-01",
"name": "[variables('managementGroupName')]",
"properties": {},
"resources": [
{
"type": "subscriptions",
"apiVersion": "2020-05-01",
"name": "[parameters('childSubscriptionId')]",
"dependsOn": [
"[variables('managementGroupName')]"
]
}
]
}
Upvotes: 1
Related Questions
- Azure tagging a resource group using an ARM template
- Dynamically get the value of management group id during arm template deployment
- ARM Create nested Management Group
- Azure ARM Template : Create Resource Group
- Deploy ARM Templates Without DependsOn under Specific Subscription of Specified resource group
- Predefined Resource Group in ARM Template
- Azure ARM: If resource group does not exist, place in deployment resource group
- Azure ARM Template Different Resource Groups
- how to disable the default groups in azure API management via ARM template deployment
- How to do a role assignment for the resourcegroup with arm templates