Andrew Wilson's Blog

{ ... Plan - Architect - Develop - Reflect - Improve - Repeat ... }

Azure Role Assignment

Problem Space: I recently came into some issues with assigning Azure roles through a Bicep template and pipeline deployment. I was looking to assign ‘Storage Blob Data Reader’ to a service principal, and refine their access to only the container of the storage account. The three main issues that I ran into were: What are Role Assignment Conditions and how can I use them in my template? I am trying to assign a built in role, what is the roleDefinitionId that I should be using?

Posted by Andrew Wilson on Friday, September 2, 2022

avatar

Andrew Wilson
Husband - Father - Principal Consultant at Black Marble.

Has a passion for creating software [especially solution integrations] that help others execute their jobs faster and more efficiently.

QUICK LINKS
FEATURED TAGS
api management apim apim-policy arm az cli azure azure devops azure portal bicep biztalk biztalk deployment framework btdf dsc fluent ui function-app git iac keyvault logic app logic app standard nerd fonts office-ui-fabric ohmyposh powershell rbac react rest client roles security speaking sso storage account strong name key swagger typescript vs code webpack windows terminal winget winget configuration yaml pipeline