Configuring custom role for network peering to use environment validation

Applies to: Kyvos Enterprise, Kyvos Cloud (SaaS on AWS), Kyvos AWS Marketplace, Kyvos Azure Marketplace, Kyvos GCP Marketplace, Kyvos Single Node Installation (Kyvos SNI)


Creating a custom role

  1. Log in to your Azure portal.

  2. Navigate to Virtual Network and click Properties on the navigation bar. Copy the Resource ID and paste it into a notepad. You will need this for creating the custom role.

  3. Navigate to Network Security Group and click Properties on the navigation bar. Copy the Resource ID and paste it into a notepad. You will need this for creating the custom role.

  4. Navigate to Resource Group and click Access Control (IAM) on the navigation bar.

  5. Click Add > Add custom role.

  6. Click the JSON tab, and then click Edit.

  7. Delete the existing JSON text.

  8. Copy the following text and paste it into the JSON textbox.

    {
      "properties": {
        "roleName": "<rolename>",
        "description": "",
        "assignableScopes": [
          "<Virtual Network Resource ID>",
          "<Security Group Resource ID>"
        ],
        "permissions": [
          {
            "actions": [
              "Microsoft.Network/virtualNetworks/subnets/read",
              "Microsoft.Network/virtualNetworks/read",
              "Microsoft.Network/networkSecurityGroups/read",
              "Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read"
            ],
            "notActions": [],
            "dataActions": [],
            "notDataActions": []
          }
        ]
      }
    }

  9. Replace <Virtual Network Resource ID> and <Security Group Resource ID> with the respective Resource IDs that you copied earlier (in steps 2-3).

  10. Click Save. The JSON automatically assigns the required permissions.

  11. Go to the Basics tab and provide a unique name for your role.

  12. Click on Review + Create. Then click Create.
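
The JSON from step 8 can be checked before you save it. The following Python lint is an added example, not Kyvos code: it confirms that the placeholders were replaced, that the assignable scopes are a virtual network and a network security group rather than a wider scope, and that only the four read actions are granted. The function name, role name and resource IDs are constructed for illustration, and the scope pattern assumes the standard Azure resource ID layout.

```python
import json
import re

# The four read-only actions granted by the role definition in step 8.
EXPECTED_ACTIONS = {
    "Microsoft.Network/virtualNetworks/subnets/read",
    "Microsoft.Network/virtualNetworks/read",
    "Microsoft.Network/networkSecurityGroups/read",
    "Microsoft.Network/virtualNetworks/virtualNetworkPeerings/read",
}
# Resource ID shape of a virtual network or network security group.
SCOPE_RE = re.compile(
    r"^/subscriptions/[0-9a-f-]{36}/resourceGroups/[^/]+"
    r"/providers/Microsoft\.Network/(virtualNetworks|networkSecurityGroups)/[^/]+$",
    re.IGNORECASE)

def lint_role(role_json):
    """Return findings; an empty list means the role matches the page's definition."""
    props = json.loads(role_json)["properties"]
    findings, kinds, granted = [], set(), set()
    name = props.get("roleName", "")
    if not name or "<" in name:
        findings.append("roleName is missing or still a placeholder")
    for scope in props.get("assignableScopes", []):
        match = SCOPE_RE.match(scope)
        if match:
            kinds.add(match.group(1).lower())
        else:
            findings.append("scope is not a VNet or NSG resource ID: " + scope)
    for kind in ("virtualnetworks", "networksecuritygroups"):
        if kind not in kinds:
            findings.append("no assignable scope of type " + kind)
    for perm in props.get("permissions", []):
        granted.update(perm.get("actions", []))
        if perm.get("dataActions"):
            findings.append("dataActions should be empty")
    findings += ["unexpected action: " + a for a in sorted(granted - EXPECTED_ACTIONS)]
    findings += ["missing action: " + a for a in sorted(EXPECTED_ACTIONS - granted)]
    return findings

# Constructed sample values (not from the page).
RG = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-example"
SAMPLE = json.dumps({"properties": {
    "roleName": "env-validation-example",
    "assignableScopes": [
        RG + "/providers/Microsoft.Network/virtualNetworks/vnet-example",
        RG + "/providers/Microsoft.Network/networkSecurityGroups/nsg-example"],
    "permissions": [{"actions": sorted(EXPECTED_ACTIONS), "dataActions": []}]}})
print(lint_role(SAMPLE) or "role definition matches the page")
```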

Copyright Kyvos, Inc. 2025. All rights reserved.