Closed nturinski closed 3 months ago
nturinski
commented
3 months ago I should probably revisit exposing the scope since it contains the subscription id of the resource as well. Probably can just split by / and take the last two indices.
3:39:20 PM: Role assignment "StorageBlobDataContributor" created with resource "/subscriptions/9b5c7ccb-9857-4307-843b-8875e83f65e9/resourceGroups/naturinsmi22/providers/Microsoft.Storage/storageAccounts/naturinsmi22".
alexweininger
commented
3 months ago TODO: Add more description on Monday 😅
Time is running out
nturinski
commented
3 months ago I should probably revisit exposing the scope since it contains the subscription id of the resource as well. Probably can just split by
/and take the last two indices.3:39:20 PM: Role assignment "StorageBlobDataContributor" created with resource "/subscriptions/9b5c7ccb-9857-4307-843b-8875e83f65e9/resourceGroups/naturinsmi22/providers/Microsoft.Storage/storageAccounts/naturinsmi22".
New message looks like this:
See an example of this being used here: https://github.com/microsoft/vscode-azurefunctions/pull/4213/files
This adds
managedIdentityto theResourceWizardContextsince managed identity will be included in a lot of our resources.The
UserAssignedIdentitysteps are for listing and creating new identities. Right now, it will always default to creating it in the resource group. That reminds me, I need to test what happens if I pick an existing resource group that already has an MI in it. I'm not even sure what behavior should be-- create a new one with a suffix or use the existing one?The
RoleAssignmentStepshould work for both system and user assigned identities. Because the scope will be created during the wizard, you need to pass a function that returns the property that you want since the context will be updated by the time the function is called. Execute priority is also 900 because in most cases, it should always be the last thing to execute.