I have a VMSS resource linked to a Service Fabric cluster. I have modified the ARM templates to have user managed identity for VMSS.
"variables": {
"vmssApiVersion": "2017-03-30",
...
..
}
....
"resources": [
{
"type": "Microsoft.Compute/virtualMachineScaleSets",
"apiVersion": "[variables('vmssApiVersion')]",
"name": "[concat(variables('vmssNamePrefix'),
...
...
"identity": {
"type": "UserAssigned",
"identityIds": [
"/subscriptions/xxxxxxxxxxxxxxxxxxxxxx/resourceGroups/<RG>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/<usrasgid>"
]
}
.....
.....
}
]
While deploying, it throws the error
{
"status": "Failed",
"error": {
"code": "InvalidParameter",
"target": "resourceIdentity.type",
"message": "ResourceIdentity Type must be provided and set to \"SystemAssigned\"."
}
}
Why does it ask me to set managed identity to SystemAssigned? How can I set it to user managed identity?
I tested the old versions and seems only SystemAssigned
is allowed in API Version 2017-03-30
. But , It was successful when I used 2018-06-01
. So , as a Solution you can use the below to resolve the issue:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"name": "ansumantestvmss",
"type": "Microsoft.Compute/virtualMachineScaleSets",
"apiVersion": "2018-06-01",
"location": "[resourceGroup().location]",
"identity": {
"type": "userAssigned",
"userAssignedIdentities": {
"[resourceID('Microsoft.ManagedIdentity/userAssignedIdentities/','ansumanmdid')]" : {}
}
},
"properties":{}
}
]
}
Output: