LightHouse Issue

Sam@DC 1 Reputation point
2021-05-06T20:12:20.717+00:00

Hello - need help on Azure Light House..

  1. I have a Account A with tenant ID: 04a96f6f-259e-4135-891f-bcd684f5d83f

2) I created an User on Account A with "reader" role (Azure Role)

3) I have another Account B, with another subscription, which I want to be managed by Account A (at subscription level)

4) Used "delegatedResourceManagement.json" Template
In Parameters file, I have added:
a) Account A's tenant ID
b) Object ID for the User created in step #2 (principal ID)
c) ObjectID of the Role ("Reader" Role) - (roleDefinitionID)

5) Ran the template using CLI/SHELL on Account B (az deployment sub create...), ran successfully without the errors.

RESULTs:
a) On Acccount B, MSP is visible in the Service Providers section, shows "Subscription 1" under delegation
b) However, dont see any updates on Account A --> Mycustomers

What is missing OR am I doing wrong ?

Azure Lighthouse
Azure Lighthouse
An Azure service that provides secure managed services and access control for partners and customers.
71 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sam Swaminathan 6 Reputation points
    2021-05-12T11:07:22.027+00:00

    I figured out the issue quickly after I posted above...
    I had to login as the user who has been delegated..I was logged in another user with the contributor (AD role) assuming that would show everything. This is a good control.
    This enablement thru ARM Template works like charm...same template and command can be easily applied to multiple clients

    1 person found this answer helpful.
    0 comments