At present once the policy is deployed, any changes in the authorisations in the parameters will not make the policy non-compliant as the policy rule only checks for managedByTenantId
I can use the Microsoft.ManagedServices/registrationDefinitions/authorizations[] to compare the length of the existing authorizations with managedByAuthorizations parameter value and Microsoft.ManagedServices/registrationDefinitions/authorizations[].roleDefinitionId for roleDefinitionIds of the authorizations, however I am not able to use / find aliases to compare all the values in the authorizations array in policy rule
Attached is what works so far.
Is there a way to do that that I am not aware of?
At present once the policy is deployed, any changes in the authorisations in the parameters will not make the policy non-compliant as the policy rule only checks for managedByTenantId
I can use the Microsoft.ManagedServices/registrationDefinitions/authorizations[] to compare the length of the existing authorizations with managedByAuthorizations parameter value and Microsoft.ManagedServices/registrationDefinitions/authorizations[].roleDefinitionId for roleDefinitionIds of the authorizations, however I am not able to use / find aliases to compare all the values in the authorizations array in policy rule
Attached is what works so far.
Is there a way to do that that I am not aware of?