search

microsoft / finops-toolkit

Tools and resources to help you adopt and implement FinOps capabilities that automate and extend the Microsoft Cloud.
https://aka.ms/finops/toolkit
MIT License
275 stars 90 forks source link

[Hubs] Use of pre created Entra ID SPN to deploy the resources #879

Open sepenet opened 1 month ago

sepenet commented 1 month ago

As a customer FinOps toolkit user I need the toolkit deployment pipeline to be able to use an already created SPN provided by Entra ID team as my user does not have permission to create app in Entra ID.

flanakin commented 4 weeks ago

@sepenet Is this for FinOps hubs managed exports?

sepenet commented 3 weeks ago

Hi @flanakin, it is to install the finops toolkit, but I guess it will be also valid request to setup the exports

flanakin commented 2 weeks ago

Thanks for the details. I added it to the backlog. I'll talk to @MSBrett to see what's needed for this. In the meantime, please create exports manually.

MSBrett commented 2 weeks ago

Hi @flanakin, it is to install the finops toolkit, but I guess it will be also valid request to setup the exports

To confirm - you're having issues installing FTK because you don't have permissions to create the managed identities we use during deployment for managing the triggers, etc. and need to supply a pre-created SPN instead?

sepenet commented 3 days ago

Hello

Yes, CX contact has issue to install FTK, he does not have permission to create managed identities and security team would like him to use pre created SPN with limited permissions instead. the same SPN should also be used to manage the exports

Thanks for your support

From: Brett Wilson @.> Sent: Wednesday, August 28, 2024 5:30 PM To: microsoft/finops-toolkit @.> Cc: Sebastien Penet @.>; Mention @.> Subject: Re: [microsoft/finops-toolkit] [Hubs] Use of pre created Entra ID SPN to deploy the resources (Issue #879)

Hi @flanakinhttps://github.com/flanakin, it is to install the finops toolkit, but I guess it will be also valid request to setup the exports

To confirm - you're having issues installing FTK because you don't have permissions to create the managed identities we use during deployment for managing the triggers, etc. and need to supply a pre-created SPN instead?

— Reply to this email directly, view it on GitHubhttps://github.com/microsoft/finops-toolkit/issues/879#issuecomment-2315679946, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ANI3C7NSXGGU44B4VVYYPITZTXUKBAVCNFSM6AAAAABMERN3J6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGMJVGY3TSOJUGY. You are receiving this because you were mentioned.Message ID: @.***>