RBAC - Create Managed Identity Access on Azure Maps account

This template assigns Azure Maps Data Reader access to a Managed Identity on an Azure Maps account in a resource group. It does not assign the identity to an Azure resource such as Azure App Service or Azure Virtual Machines. Inputs to this template are the following fields:

Enable Service to Service authentication to Azure Maps

This template will grant a service principal access to Azure Maps. Using an Azure Managed Identity in your application code removes the complexity of managing credentials in a deployed Azure service. Running your application in App Service or another Azure service that supports Managed Identity makes a restricted endpoint available for retrieving access tokens for service-to-service authorization.

Parameter #5: 'GUID' represents a randomly generated GUID

These values should be unique per element, as they represent the ID of the role assignment. They can be generated any way you prefer.

For Automation on role assignments you must assign 'User Access Administrator'

For automation scenarios without a user's principal, the built-in role you must assign to your automation is "User Access Administrator". This role will grant access to add and remove role assignments. The other option is to create a custom role definition with the permissions Microsoft.Authorization/roleAssignments/write and Microsoft.Authorization/roleAssignments/delete.
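To compare the two options from a least-privilege standpoint, the following added example (not part of this template) evaluates a role definition's `Actions` and `NotActions` wildcards against the two permissions named above and against a few operations the automation does not need. The role name, the probe list, the scope placeholder, and the action list shown for the built-in role are assumptions; confirm the built-in definition against your tenant before relying on it.

```python
import re

# The two permissions the page names for role-assignment automation.
REQUIRED = [
    "Microsoft.Authorization/roleAssignments/write",
    "Microsoft.Authorization/roleAssignments/delete",
]
# Constructed probes: operations the automation has no need to perform.
EXCESS_PROBES = [
    "Microsoft.Authorization/roleDefinitions/write",
    "Microsoft.Authorization/policyAssignments/write",
    "Microsoft.Maps/accounts/read",
]

def _matches(pattern, operation):
    """Action patterns are case-insensitive and may contain '*' wildcards."""
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(regex, operation, re.IGNORECASE) is not None

def allows(role, operation):
    """Effective permission: matched by Actions and not by NotActions."""
    granted = any(_matches(p, operation) for p in role.get("Actions", []))
    denied = any(_matches(p, operation) for p in role.get("NotActions", []))
    return granted and not denied

def review(role):
    """Return (required operations missing, probe operations granted)."""
    missing = [op for op in REQUIRED if not allows(role, op)]
    excess = [op for op in EXCESS_PROBES if allows(role, op)]
    return missing, excess

# Custom role in the JSON shape used for custom role definitions.
CUSTOM_ROLE = {
    "Name": "Role Assignment Automation (example)",  # hypothetical name
    "IsCustom": True,
    "Description": "Add and remove role assignments only.",
    "Actions": list(REQUIRED),
    "NotActions": [],
    "AssignableScopes": ["/subscriptions/<subscription-id>/resourceGroups/<rg>"],
}
# Assumption: built-in role actions as commonly documented; verify in your tenant.
USER_ACCESS_ADMINISTRATOR = {
    "Name": "User Access Administrator",
    "Actions": ["*/read", "Microsoft.Authorization/*", "Microsoft.Support/*"],
}

if __name__ == "__main__":
    for role in (CUSTOM_ROLE, USER_ACCESS_ADMINISTRATOR):
        print(role["Name"], review(role))
```

Both roles cover the required permissions, but only the custom role grants none of the probe operations, and limiting `AssignableScopes` to the resource group restricts where it can be assigned.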

Tags: Microsoft.ManagedIdentity/userAssignedIdentities, Microsoft.Maps/accounts, Microsoft.Maps/accounts/providers/roleAssignments