With auto_create no interactive user is the owner of the Workspace Enterprise App #2625

marrobi · 2022-09-21T07:49:01Z

When creating a workspace with auto_create the workspace owner is set to the Application Admin account. This means that to add any users to the App Roles the interactive user must have privileges to access all Enterprise Apps in Azure AD, or ask their AD Admin to grant them access.

I suggest the creator of the workspace is also made an owner of the Workspace Enterprise application. This will mean they can also view sign in logs.

The user needs adding here: https://github.com/marrobi/AzureTRE/blob/caf6a9c2e68f7e74684249d112e2b083f77ac3a9/templates/workspaces/base/terraform/aad/aad.tf#L97

The text was updated successfully, but these errors were encountered:

marrobi added the bug Something isn't working label Sep 21, 2022

marrobi added this to the Release 0.5 milestone Sep 21, 2022

marrobi self-assigned this Sep 21, 2022

marrobi mentioned this issue Sep 21, 2022

Add initial workspace creator as workspace enterprise app owner #2627

Merged

marrobi closed this as completed in #2627 Sep 29, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

With auto_create no interactive user is the owner of the Workspace Enterprise App #2625

With auto_create no interactive user is the owner of the Workspace Enterprise App #2625

marrobi commented Sep 21, 2022

With auto_create no interactive user is the owner of the Workspace Enterprise App #2625

With auto_create no interactive user is the owner of the Workspace Enterprise App #2625

Comments

marrobi commented Sep 21, 2022