Skip to content

Commit

Permalink
pass ManagementGroup ID as parameter
Browse files Browse the repository at this point in the history
  • Loading branch information
@kubasobon
kubasobon committed Mar 12, 2024
1 parent f0e780a commit dfca8ef
Showing 1 changed file with 14 additions and 2 deletions.
16 changes: 14 additions & 2 deletions deploy/azure/ARM-for-organization-account.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,9 @@
"AdditionalRoleGUID": {
"value": "[variables('roleGUID')]"
},
"ManagementGroupID": {
"value": "[managementGroup().id]"
},
"ResourceGroupName": {
"value": "[parameters('ResourceGroupName')]"
},
Expand All @@ -117,6 +120,9 @@
"AdditionalRoleGUID": {
"type": "string"
},
"ManagementGroupID": {
"type": "string"
},
"ResourceGroupName": {
"type": "string"
},
Expand All @@ -128,7 +134,7 @@
{
"type": "Microsoft.Authorization/roleAssignments",
"apiVersion": "2022-04-01",
"name": "[guid(managementGroup().id, parameters('SubscriptionId'), parameters('ResourceGroupName'), deployment().name, 'securityaudit')]",
"name": "[guid(parameters('ManagementGroupID'), parameters('SubscriptionId'), parameters('ResourceGroupName'), deployment().name, 'securityaudit')]",
"properties": {
"roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7",
"principalId": "[reference(resourceId(parameters('SubscriptionId'), parameters('ResourceGroupName'), 'Microsoft.Compute/virtualMachines', 'cloudbeatVM'), '2019-07-01', 'Full').identity.principalId]",
Expand Down Expand Up @@ -167,6 +173,9 @@
"AdditionalRoleGUID": {
"value": "[variables('roleGUID')]"
},
"ManagementGroupID": {
"value": "[managementGroup().id]"
},
"ResourceGroupName": {
"value": "[parameters('ResourceGroupName')]"
},
Expand All @@ -182,6 +191,9 @@
"AdditionalRoleGUID": {
"type": "string"
},
"ManagementGroupID": {
"type": "string"
},
"ResourceGroupName": {
"type": "string"
},
Expand Down Expand Up @@ -324,7 +336,7 @@
"name": "[parameters('AdditionalRoleGUID')]",
"properties": {
"assignableScopes": [
"[managementGroup().id]",
"[parameters('ManagementGroupID')]",
"[concat('/subscriptions/', parameters('SubscriptionId'))]",
"[concat('/subscriptions/', parameters('SubscriptionId'), '/resourcegroups/', parameters('ResourceGroupName'))]"
],
Expand Down

0 comments on commit dfca8ef

Please sign in to comment.