At present once the policy is deployed, any changes in the authorisations in the parameters will not make the policy non-compliant as the policy rule only checks for managedByTenantId
I can use the Microsoft.ManagedServices/registrationDefinitions/authorizations[] to compare the length of the existing authorizations with managedByAuthorizations parameter value and Microsoft.ManagedServices/registrationDefinitions/authorizations[].roleDefinitionId for roleDefinitionIds of the authorizations, however I am not able to use / find aliases to compare all the values in the authorizations array in policy rule
Attached is what works so far.
At present once the policy is deployed, any changes in the authorisations in the parameters will not make the policy non-compliant as the policy rule only checks for managedByTenantId
I can use the Microsoft.ManagedServices/registrationDefinitions/authorizations[] to compare the length of the existing authorizations with managedByAuthorizations parameter value and Microsoft.ManagedServices/registrationDefinitions/authorizations[].roleDefinitionId for roleDefinitionIds of the authorizations, however I am not able to use / find aliases to compare all the values in the authorizations array in policy rule Attached is what works so far.
Is there a way to do that that I am not aware of?