Skip to content

Newbie question: Service Principals created during portal deployment #1720

Closed Answered by jtracey93
zorglob asked this question in General
Discussion options

You must be logged in to vote

Hey @zorglob,

No worries happy to answer.

So all the SPNs you see at the top management group, and they will also be on other management groups, are for the policy assignments that require permissions to complete remediation tasks. Please dont remove these as it will stop the policies from being able to work as designed. This is documented further here: https://github.com/Azure/Enterprise-Scale/wiki/ALZ-Policies#why-are-managed-identities-deployed-as-part-of-the-alz-policies

The identity id-ama-prod-northeurope-001 is used for the Azure Monitor Agent and is critical for this to work, so please dont remove this either. Again this is documented further here https://github.com/Azure/Enterpri…

Replies: 1 comment

Comment options

You must be logged in to vote
0 replies
Answer selected by jtracey93
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
2 participants