Policy: Azure > Managed Identity > User Assigned Identity > Approved > Usage

Determine whether the Azure Managed Identity user assigned identity is allowed to exist.

This policy will be evaluated by the Approved control. If an Azure Managed Identity user assigned identity is not approved, it will be subject to the action specified in the Azure > Managed Identity > User Assigned Identity > Approved policy.

See Approved for more information.

Targets

This policy targets the following resource types:

Azure > Managed Identity > User Assigned Identity

Primary Policy

This policy is used with the following primary policy:

Azure > Managed Identity > User Assigned Identity > Approved

Controls

Setting this policy configures this control:

Azure > Managed Identity > User Assigned Identity > Approved

Policy Specification

Schema Type	`string`
Default	`Approved if Azure > Managed Identity > Enabled`
Valid Values [YAML]	`Not approved` `Approved` `Approved if Azure > Managed Identity > Enabled`
Examples [YAML]	`Not approved`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/resourceApproved

Policy Type URI

tmod:@turbot/azure-managedidentity#/policy/types/userAssignedIdentityApprovedUsage

GraphQL

query policyType(id: "tmod:@turbot/azure-managedidentity#/policy/types/userAssignedIdentityApprovedUsage") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/azure-managedidentity#/policy/types/userAssignedIdentityApprovedUsage'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/azure-managedidentity#/policy/types/userAssignedIdentityApprovedUsage'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/azure-managedidentity#/policy/types/userAssignedIdentityApprovedUsage"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-managedidentity#/policy/types/userAssignedIdentityApprovedUsage"