Is it possible to revoke a role from a User Assigned Managed Identity? From the Azure Portal dashboard, there seems to be no way to revoke access once you grant it. There is only an "Add" button to extend it, but nothing to revoke an existing one.
Also, same problem with Terraform:
resource "azurerm_user_assigned_identity" "aks-dev-identity" {
  resource_group_name = azurerm_resource_group.rg_aks.name
  location            = azurerm_resource_group.rg_aks.location
  name                = "aks-dev-identity"
}

resource "azurerm_role_assignment" "aks-dev-identity-role" {
  scope                = "Resource ID of the SQL DB"
  role_definition_name = "Reader"
  principal_id         = azurerm_user_assigned_identity.aks-dev-identity.principal_id
}
When I comment out the "azurerm_role_assignment" resource, Terraform says that it is going to revoke that role, but in reality nothing happens when I look at the "Azure role assignments" blade in the "Identity" page.
CodePudding user response:
You can remove the role assignment if you go to the resource (SQL server in this case), then its Access control (IAM) tab, and then Role assignments tab within that. Select the assignment and click Remove.
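
To confirm a revocation really took effect, the following added example (not part of the question or the answer above) checks saved output of `az role assignment list --assignee <principal_id> --all -o json` for every assignment that still grants the identity a role on the target resource, including ones inherited from a parent scope such as the resource group. The subscription, resource names, principal ID and helper names are constructed placeholders.

```python
import json

SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"  # placeholder
RG = SUB + "/resourceGroups/rg-aks"
DB = RG + "/providers/Microsoft.Sql/servers/sql1/databases/db1"
MI = "11111111-1111-1111-1111-111111111111"  # placeholder principal_id

def _ra(name, principal, scope, role="Reader"):
    """Build one constructed record in the shape the az CLI returns."""
    return {"id": f"{scope}/providers/Microsoft.Authorization/roleAssignments/{name}",
            "principalId": principal, "roleDefinitionName": role, "scope": scope}

# Constructed sample standing in for the saved az CLI JSON output.
SAMPLE = json.dumps([
    _ra("direct", MI, DB),                         # assigned on the SQL DB itself
    _ra("inherited", MI, RG),                      # assigned on the parent resource group
    _ra("sibling", MI, SUB + "/resourceGroups/rg"),  # string prefix, but a different group
    _ra("other", "22222222-2222-2222-2222-222222222222", DB),
])

def norm(scope):
    # Azure resource IDs are case-insensitive; ignore a trailing slash as well.
    return scope.rstrip("/").lower()

def applies_to(assignment_scope, target_scope):
    """True if an assignment at assignment_scope grants access at target_scope."""
    a, t = norm(assignment_scope), norm(target_scope)
    # Compare on a path boundary so ".../rg" does not match ".../rg-aks/...".
    return t == a or t.startswith(a + "/")

def effective(az_json, principal_id, target_scope, role=None):
    """Assignments for principal_id that are still in force at target_scope."""
    found = []
    for a in json.loads(az_json):
        if a["principalId"].lower() != principal_id.lower():
            continue
        if role is not None and a["roleDefinitionName"] != role:
            continue
        if applies_to(a["scope"], target_scope):
            found.append(a)
    return found

def removal_commands(found):
    """One az CLI delete command per remaining assignment, for review before running."""
    return [f'az role assignment delete --ids "{a["id"]}"' for a in found]

if __name__ == "__main__":
    for cmd in removal_commands(effective(SAMPLE, MI, DB, "Reader")):
        print(cmd)
```

An empty result for the identity's principal ID means no direct or inherited assignment of that role remains on the resource.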