arcade-services icon indicating copy to clipboard operation
arcade-services copied to clipboard
verified publisher icon dotnet

all .NET should have access to aka.ms/bar

Open danmoseley opened this issue 10 months ago • 1 comments

it's necessary to go to https://coreidentity.microsoft.com/manage/Entitlement/entitlement/dotnetesmaes-z54r to get access to maestro.

we should allow all .NET folks to access it automatically. can you add this SG -- dotnet-microsoft-org-access -- it's more or less .NET FTE. (it is manually maintained, used for threat models)

Matt says: I don't think I can add an alias to the coreidentity entitlement. So it will need to be done via wherever the coreidentity aliases are added to. Can you file an issue in arcade-services?

danmoseley avatar Mar 18 '25 17:03 danmoseley

I've verified that you cannot add an alias to coreidentity entitlements.

ilyas1974 avatar Mar 18 '25 17:03 ilyas1974

@danmoseley the reason was that Entra applications do not respect nested groups so only the top-level members in a group get the permission. However, I can see the SG you suggest does not have nested members (I was previously considering another one with FTE in its name), so this might just work! Thanks for the suggestion!

To reiterate:

  • Please go to the Enterprise Applications in Azure and add dotnet-microsoft-org-access onto the Maestro app

premun avatar Mar 26 '25 11:03 premun

Done, aka.ms/bar should be accessible by members of the dotnet-microsoft-org-access group from now on

oleksandr-didyk avatar Mar 26 '25 11:03 oleksandr-didyk