Forum Discussion
khaled1405
Microsoft
Microsoftdefault a subscription to a management group
How could you enforce a new subscription to be assigned to an existing management group, other than the root management group? Could you use an Azure policy at the root group management to do it?
khaled1405, I wish to have that implemented by the policy. For now, the way to do that is to react to the subscription creation event or periodically move a subscription to one of MGs with a script ( Azure Functions/ Azure Automations/ any other compute. )
I can add writing about that to my backlog if you're interested in that.
khaled1405Microsoft
MicrosoftThanks kwiecek. I think the best approach until we get the native feature is to have an external workflow to request a subscription. That workflow will assign the subscription to the right management group and assign a custom RBAC on the subscription to the users. A blueprint could potentially make it more elegant.
