matt-FFFFFF
commented
3 weeks ago Hi!
Yea we assume they exist. This module does not create subscriptions. As it uses AzureRM to deploy resources the subscription ids must be known at plan time.
Closed almclv1 closed 18 hours ago
matt-FFFFFF
commented
3 weeks ago Hi!
Yea we assume they exist. This module does not create subscriptions. As it uses AzureRM to deploy resources the subscription ids must be known at plan time.
almclv1
commented
3 weeks ago Ok thank you, last one then I'll stop asking for advice on GitHub. I am deploying LZ in a tenant that currently has live apps. Similar to this scenario.
The docs seem to think "changes don't affect the existing environment', but the docs say
deploys at tenant root by default, why do we need owner permission at the root, is it purely to create the management group for landing zone below it? I am thinking as long as i set all polices to "audit only" when deploying the landing zone i'm probably good.
microsoft-github-policy-service[bot]
commented
1 week ago This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 7 days. It will be closed if no further activity occurs within 7 days of this comment.
Hi,
May not be a feature request however, question. So the module for the accelerator including management, connectivity and identity suggests calling it this way **_deploy_management_resources = true subscription_id_management = data.azurerm_client_config.core.subscription_id
deploy_connectivity_resources = true subscription_id_connectivity = data.azurerm_client_config.core.subscription_id
deploy_identity_resources = true subscription_id_identity = data.azurerm_client_config.core.subscriptionid**
This assumes those subscriptions already exist right? Is there a way for the module to create the subscriptions if they are not already there?