I’ve suddenly come across an issue where deployments to tenants are informing me that the tenant is not authorized to use the Azure Account in question. Historically this has not been an issue, and our Azure Accounts are configured with no tenant filters - as we use them for both un-tenanted and tenanted deployments. Is there an easy way to resolve this? Or do I need to duplicate my Azure Accounts have one for un-tenanted, one for tenanted?
I’m currently running v3.13.3. This issue has only been noticed, but it has been a while since the last deployment, which was probably done on v3.11.x.
Currently an account can be used for either tenanted or non-tenanted deployments. But not both. While we felt this was the correct decision at the time, many customers (such as yourself) have convinced us otherwise.
We have an open issue to change this behaviour, which we intend to implement in the coming weeks (note: although the title of the issue refers to machines, it explicitly mentions accounts also).
One thing I am confused by is this behaviour hasn’t changed. You seem to indicate that you feel you could previously use the account in both modes. I don’t believe this is the case.
For the moment, the work-around is (as you mention) to create two accounts.
We aplogize for any inconvenience. We got this one wrong.
I was absolutely able to deploy both untenanted and tenanted until recently; one of our products is untenanted for dev/QA environments and tenanted for staging/prod, and I was able to use a single Azure account (a service principal) for this, with no tenant filters configured.
I apologize; I shouldn’t have stated that so certainly. I should have said only that I couldn’t see that it had changed
The important thing is that we agree the current behaviour is not what it should be.
But that issue is working it’s way to the top of our list…