Role Assignment behavior with User Assigned Managed Identity
ashkuren opened this issue · comments
Hi @gettek ,
I would like to know if the behavior below is intended with regards to the variable skip_role_assignment
.
When we specify identity_ids
(User Assigned Managed Identity), Role Assignments are never made.
terraform-azurerm-policy-as-code/modules/def_assignment/variables.tf
Lines 162 to 165 in 88f1afe
In this piece of code, local.role_definition_ids
is always []
as local.identity_type == UserAssigned
.
Should the Role Assignments be independent of Identity Type used?
Hi, yes this is intentional as mentioned in the ReadMe here. User Managed Identities will likely have their role assignments configured independently hence shifting this responsibility away from the module.
This issue is stale because it has been open for 30 days with no activity.
This issue was closed because it has been inactive for 14 days since being marked as stale.