How to assigned permissions for user-assigned managed identity on multiple subscriptions in bulk

First get the subscriptions you want to assign permissions on:

$subs = Get-AzSubscription |? { $_.Name.Contains("NorthAmerica") }

Then get the client id of the identity you to assign permissions for:

$id = Get-AzUserAssignedIdentity -ResourceGroupName my-shared-prod-westus2 `
                                 -Name my-shared-prod-westus2-id

Now perform the actual permissions assignment:

$subs |% { New-AzRoleAssignment -Scope "/subscriptions/$($_.Id)" `
                                -RoleDefinitionName "Contributor" `
                                -ApplicationId $id.ClientId }

That’s it, folks!

This entry was posted in Programming and tagged , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.