Hero Banner

Microsoft AppSource and Azure Marketplace

Learn how to grow your business by publishing your cloud solution on Microsoft AppSource and Azure Marketplace

Visitor 1

Marketplace with metered billing



I feel I've been going round and round in circles for the last couple of days on this.


I'm building a marketplace managed app with metered billing. I've got the template working all fine, and the billing submission script all works fine, but I'm having a problem assigning the correct permissions/roles to the VM to be able to call the marketplace API.


I can manually set the correct role on the VM (using either a system or user assigned managed identity), but I can't get it to work in the template. I need the VM to be able to have read access to a different Resource Group, but when I try and set that in the template it complains that the scope is a different Resource Group.


I've tried most of the solutions online that I can find. These two seem to be on the right path.




Am I missing something basic here?


Also, am I able to test a roleAssignment with delegatedManagedIdentityResourceId from my own account? If the marketplace template has my ID as the managed app owner and it's the same ID where I deploy it, they won't be in different tenants.


"I need the VM to be able to have read access to a different Resource Group" - do you mean once deployed in the customer subscription it needs to be granted access to a different resource group? I don't think that can work as the identity doing the deployment wouldn't have the requisite permissions.