Just browsing the docs. Related note: "For each eligible authorization, be sure to also create a permanent (active) authorization for the same Principal ID with a different role, such as Reader (or another Azure built-in role that includes Reader access). If you don't include a permanent authorization with Reader access, the user won't be able to elevate their role in the Azure portal." Could that be the issue? https://zcusa.951200.xyz/en-us/azure/lighthouse/how-to/create-eligible-authorizations
Lighthouse - Cannot manage eligible roles in managing tenant
Hi, I am trying to get eligible authorizations working via Lighthouse, but in the managing (service provider) tenant I am finding that the "manage eligible roles" button is greyed out under my customers.
I have not created a lighthouse offer in partner center, I am using a .json template and manually run a subscription template from lighthouse samples git hub and used the deploy to azure button. Then I edited the parameters by uploading my modified parameters file in the customer tenant. The permanent authorizations work, but the eligible authorizations do not. Any help appreciated. Thanks
1 answer
Sort by: Most helpful
-
Andrew Blumhardt 9,861 Reputation points Microsoft Employee
2023-04-11T19:45:45.86+00:00