Custom Roles at the Management Group Level
Please add the ability to define custom roles for Azure RBAC at the new Management Group level. Would like to be able to create custom roles and set the assignable scope to our root management group so that the role definition is available throughout our tenant.
Just wanted to leave a quick update, we’re continuing to work on this feature and will share details in the near future.
/Stuart and Balaji
Steven Scott commented
Any update here? I am automating our subscription creation process and need to have this capability.
Lester W commented
This feature is available NOW (programmatically). In PowerShell, you add a management group as an assignable scope. For example: $Role.AssignableScopes.Add("/providers/Microsoft.Management/managementGroups/<management group ID>")
Talal Masood commented
When this will be available please?
Bart Michel commented
Is there any update yet? we can't use only built-in roles so please get this workin :-)
Agreed, otherwise management groups are more or less useless if you rely a lot on Custom roles
Charity Shelbourne commented
Is this still planned? We're interested in doing this as well.
Mitch B. commented
Any update on this?
Agreed this is needed!
Duplicate of: https://feedback.azure.com/forums/911473-azure-management-groups/suggestions/34391878-allow-custom-rbac-definitions-at-the-management-gr
Dany Contreras commented
Hello, do you have an update on ETA for availability of custom roles on management groups?
Corey Zwart commented
Please provide an update Stuart and Balaji... we need to be able to use this functionality as management groups are GA and are being recommended as the best practice.
Is there an update on this? The last entry is Oct 29th and says that we would get details in the near future
Any new updates, this is essential option for our teams, is there any indication as to when this will be available
Brian Jackett commented
Any update on this? I see that Management Groups are now GA.