cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

WVD Start on Connect - Custom Role configuration

garymansell
Contributor

‎Jun 03 2021 03:13 AM

‎Jun 03 2021 03:13 AM

WVD Start on Connect - Custom Role configuration

I followed the instructions to create a new custom role at the Subscription level for the Windows Virtual Desktop app to be able to start/stop my WVD VM's and it works fine.

 

But, I notice that this role assignment appears on all my resources now in this Azure Subscription (obviously) - even for a lot of resources that are not related to WVD.

 

Is there a way of assigning this custom role at the Resource Group level instead of at the Subscription level so that I can only apply it to my WVD resources?

524 Views
0 Likes
5 Replies
Reply
5 Replies
AaaBokkaLe

‎Jun 03 2021 06:51 AM

‎Jun 03 2021 06:51 AM

Re: WVD Start on Connect - Custom Role configuration

Yes the custom role can be created under IAM of RG and be assigned with required permissions (startVM and readVM) which will limit the scope to RG

0 Likes
Reply
garymansell

‎Jun 03 2021 06:58 AM

‎Jun 03 2021 06:58 AM

Re: WVD Start on Connect - Custom Role configuration

@AaaBokkaLe 

 

Thanks for getting back to me on this... But what if I have multiple RG's with WVD session hosts?

 

Would I need to create the custom role multiple times (one in the IAM of each RG) and then add each of these roles to the enterprise level Windows Virtual Desktop Application?

0 Likes
Reply
AaaBokkaLe

‎Jun 03 2021 07:03 AM

‎Jun 03 2021 07:03 AM

Re: WVD Start on Connect - Custom Role configuration

Start creating the custom role at Subscription level. In "Assignable Scopes" remove the Subscription and chose multiple RG's to make this role available for these RG's. Hope this helps :)
0 Likes
Reply
garymansell

‎Jun 03 2021 07:24 AM

‎Jun 03 2021 07:24 AM

Re: WVD Start on Connect - Custom Role configuration

Ah - gotcha, thanks. I see how to do it for a new custom role now

Is it possible to edit these assignable scopes in the Portal for the custom role I have already created to save starting again?
0 Likes
Reply
best response confirmed by garymansell (Contributor)
AaaBokkaLe

‎Jun 03 2021 08:32 AM

‎Jun 03 2021 08:32 AM

Solution

Re: WVD Start on Connect - Custom Role configuration

Yes. Search for your custom role in Roles from previously scoped resource. Select the "..." adjacent to your role to get edit option and proceed with required changes.
0 Likes
Reply