The customer I currently work with has several custom roles that are currently maintained in a central subscription. This has become quite burdensome as every new subscription which needs the role assigned needed to have the Role.AssignableScopes attribute appended with the custom role. We would like to centrally manage these, using management groups similar to the way we manage Policy applied over several subscriptions.21 votes
We have a high priority to get Custom RBAC supported on Management Groups. We have this in our backlog and are looking to support this soon after we release GA.
We need to have activity log for management group to audit/track who make changes to management group. The activity log should also show the status of action perform and include details error message.3 votes
We are working with the Acitivy Log team to have the ability to filter and search on Management Groups in the activity logs.
When adding a new subscription to a directory that has resource groups enabled the new subscription wizard should ask if you want to add the subscription to an existing resource group or create a new one.
Would even be nice if as an admin you can toggle an option in teh directory to require subscriptions be added to a management group.
This just simplifys the management as currently we have to tell everyone to "remember" to do this and stuck cleaning up a mess when it is not done.3 votes
Thanks Brett for the feedback. We are looking into building features that do both of those items. 1) Have the management group selection at subscription creation, 2) Custom rules that allow admins to control where subscriptions default when they are created.
I am using Management groups and wanted to roll out multiple naming policy.
I have various clients hence thought of a consistent manner to support and organize Resource groups/Resources in a consistent way. i.e <Cleint>-<Prod/Dev>-RGP-<Name>.
So it would sort out like
but unfortunately found that match could not support a symbol which would represent letter or number in same symbol. Details can be seen in the closed feedback thread on the following page.
It would really help enforce a consistent naming convention.
Not sure how fast help can arrive from MS?2 votes
Thank you for the feedback. I will share this with the Policy team to see what options they currently have or if this is on their roadmap.
Until the inherited management group access is represented properly on the portal, management groups can't really be used in anger. When will this be fixed?2 votes
We have rolled out many changes in the couple months since your original post. Can you please let me know if you are still having the issues you were describing?
I've been looking through the Azure documentation, and cannot see a method to create a naming policy to force a lowercase naming convention.
This would be very helpful to ensure consistency and adherence to standards.1 vote
Passwords rest0 votes
- Don't see your idea?