Build resource group

[sanchetanparmar]

Due to limited permission, can't create new Resource group while building image.
how can use - build_resource_group_name as we can use in packer ?

[danielsollondon]

Hi - unfortunately image builder can only create a resource group currently, we have it on the backlog to make this option available to customers. One option, you could use Image Builder in silo'd subscription, and share the image to the other subscription using the Azure Shared Image Gallery.

[sanchetanparmar]

HI, thanks for response. Other subscription won't help. if you have any work around please share.
@danielsollondon In this case i need SPN, has permission to create new resource group. right ?

[danielsollondon]

We are looking to allow customers to specify an existing RG, ETA end of Summer 2020, stay tuned.

If you are blocked creating the image builder staging resource group due to existing Azure Policy, one option is to ask you admins for an exception for testing only, in a test subscription with allowing IT_* resource groups, something like the below. Please do not just apply this example policy below in any environment, it is for illustration, and any changes must be tested thoroughly, and validated with your security and compliance teams.

{
"mode": "Indexed",
"parameters": {},
"policyRule": {
"if": {
"allOf": [
{
"field": "name",
"notEquals": "[resourceGroup().name]"
},
{
"field": "name",
"notContains": "IT_"
}
]
},
"then": {
"effect": "deny"
}
}
}

[danielsollondon]

This is something we still have on our backlog, but are delayed, we will have clearer dates in 2nd half of 2021.