Discussion on: How to Deploy to Azure with Least Privilege

Max Ivanov

Hi Mike. Clearly explained and actionable - love it! At some point I did something similar with AWS while deploying a CloudFormation stack. Run it, see the error, fix the IAM permissions, repeat. It's great to see what the process is for Azure.

Something I was confused by: when you create a role definition, in the role.json file, should you provide the id property explicitly? Or should the ID be generated by AAD when the definition is created? Thanks.

Mike Richter • Edited

Thanks @maxivanov. It was hard keeping track of the JSON file! :) I updated the article. Yes, Azure creates the id for you when you create a new role. You need to add that id into the JSON when you update the role. I added the command for finding that id too. Thanks!

Max Ivanov

It all makes sense now. Thanks!