Skip to content

Feature Request: Add a way of changing the default region of a user assigned managed identity #303

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
1 task done
lukemurraynz opened this issue Feb 19, 2025 · 1 comment
Open
1 task done

Feature Request: Add a way of changing the default region of a user assigned managed identity #303

lukemurraynz opened this issue Feb 19, 2025 · 1 comment
Labels
Type: Enhancement ✨ New feature or request

Comments

@lukemurraynz
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Infrastructure as Code Type? (Required)

terraform

Starter Module? (Required)

bicep - complete

Use Case (Required)

When deploying to New Zealand North (new 3+0) region, made GA in December of 2025. We ran into an issue with Federated credentials not being available in New Zealand North (even though User Assigned identities are).

This currently sits upon the current region:

The creation of federated identity credentials is currently not supported on user-assigned managed identities created in the following regions:

Malaysia South
New Zeland South

Note: Forgive the spelling. I have a PR on the docs site to resolve this (it's actually New Zealand North).

Reference: Unsupported regions (user-assigned managed identities)

I was able to work around this issue by editing the terraform for the bootstrap locally (to deploy into another region - ie, Australia East) before being pushed to create the ADO project and service principals.

Proposed Solution (Required)

It may be great to offer a secondary region for User Assigned Managed Identities to allow people to be able to work around this issue if it were to occur, I am not sure of the root cause of why it's not available in NZN.

For NZN the following resources (mainstream) seem to be blockers (taking the longest time to rollout) for our region deployments:

  • DNS Resolver
  • Log Analytics Workspace

So it would be great to have the option to toggle or have a different region for this workloads as well as part of the bootstrap, but it is something we can work around, by editing the code once its in the repo, where the User Assigned Managed identity is more from a local bootstrap deployment.

Important Factoids (Optional)

No response

References (Optional)

No response
@lukemurraynz lukemurraynz added Needs: Triage 🔍 Needs triaging by the team Type: Enhancement ✨ New feature or request labels Feb 19, 2025
@jaredfholgate jaredfholgate self-assigned this Mar 21, 2025
@jaredfholgate jaredfholgate removed the Needs: Triage 🔍 Needs triaging by the team label Mar 21, 2025
@jaredfholgate jaredfholgate removed their assignment Mar 21, 2025
@jaredfholgate
Copy link
Member

Apologies for the late response. I did read this at the time and forgot to respond. We can add an option for granular location choice to handle this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Type: Enhancement ✨ New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jaredfholgate @lukemurraynz