Lighthouse - Cannot manage eligible roles in managing tenant

tm19 5 Reputation points
2023-04-11T17:17:38.29+00:00

Hi, I am trying to get eligible authorizations working via Lighthouse, but in the managing (service provider) tenant I am finding that the "manage eligible roles" button is greyed out under my customers.2023-04-11 18_15_09-Window

I have not created a lighthouse offer in partner center, I am using a .json template and manually run a subscription template from lighthouse samples git hub and used the deploy to azure button. Then I edited the parameters by uploading my modified parameters file in the customer tenant. The permanent authorizations work, but the eligible authorizations do not. Any help appreciated. Thanks

Azure Lighthouse
Azure Lighthouse
An Azure service that provides secure managed services and access control for partners and customers.
71 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Andrew Blumhardt 9,831 Reputation points Microsoft Employee
    2023-04-11T19:45:45.86+00:00

    Just browsing the docs. Related note: "For each eligible authorization, be sure to also create a permanent (active) authorization for the same Principal ID with a different role, such as Reader (or another Azure built-in role that includes Reader access). If you don't include a permanent authorization with Reader access, the user won't be able to elevate their role in the Azure portal." Could that be the issue? https://video2.skills-academy.com/en-us/azure/lighthouse/how-to/create-eligible-authorizations

    1 person found this answer helpful.