Hi Mike. Clearly explained and actionable - love it! At some point I did something similar with AWS while deploying a Cloudformation stack. Run it, see the error, fix the IAM permissions, repeat. It's great to see what the process is for Azure.
Something I was confused by: when you create a role definition, in the role.json file, should you provide the id property explicitly? Or should the ID be generated by AAD when the definition is created? Thanks.
Thanks @maxivanov
. It was hard keeping track of the json file! :) I updated the article. Yes, Azure creates the id for you when you create a new role. You need to add that id into the json when you update the role. I added the command for finding that id too. Thanks!
Hi Mike. Clearly explained and actionable - love it! At some point I did something similar with AWS while deploying a Cloudformation stack. Run it, see the error, fix the IAM permissions, repeat. It's great to see what the process is for Azure.
Something I was confused by: when you create a role definition, in the
role.json
file, should you provide theid
property explicitly? Or should the ID be generated by AAD when the definition is created? Thanks.Thanks @maxivanov . It was hard keeping track of the json file! :) I updated the article. Yes, Azure creates the id for you when you create a new role. You need to add that id into the json when you update the role. I added the command for finding that id too. Thanks!
It all makes sense now. Thanks!