You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I tried to delete "authorization" parameters both in the ARM template and parameter file. I only kept and configured the "eligibleAuthorizations" part which set up the PIM values. I deployed this ARM template and the following error came out.
{
"code": "DeploymentFailed",
"message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.",
"details": [
{
"code": "InvalidTemplate",
"message": "Unable to process template language expressions for resource '/subscriptions/xxxx/providers/Microsoft.ManagedServices/registrationDefinitions/xxxxx' at line '71' and column '9'. 'The template parameter 'authorizations' is not found. Please see https://aka.ms/arm-template/#parameters for usage details.'"
}
]
}
May I ask whether this "authorization" is required and the necessary reason? Is it possible to only use the PIM in this template?
Thanks in advance!
The text was updated successfully, but these errors were encountered:
Hi all,
I tried to use the following template to assign authorizations to the roles.
https://github.com/Azure/Azure-Lighthouse-samples/blob/master/templates/delegated-resource-management-eligible-authorizations/rg/rg.parameters.json
I do not want to have the permanent role assignments for any principle and I only want to assign the PIM for principles.
I tried to delete "authorization" parameters both in the ARM template and parameter file. I only kept and configured the "eligibleAuthorizations" part which set up the PIM values. I deployed this ARM template and the following error came out.
{
"code": "DeploymentFailed",
"message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.",
"details": [
{
"code": "InvalidTemplate",
"message": "Unable to process template language expressions for resource '/subscriptions/xxxx/providers/Microsoft.ManagedServices/registrationDefinitions/xxxxx' at line '71' and column '9'. 'The template parameter 'authorizations' is not found. Please see https://aka.ms/arm-template/#parameters for usage details.'"
}
]
}
May I ask whether this "authorization" is required and the necessary reason? Is it possible to only use the PIM in this template?
Thanks in advance!
The text was updated successfully, but these errors were encountered: