Trying to follow https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-linux-vm-access-arm and https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-arm and am missing a “Resource group” option which allow you to assign to multiple resource groups
If you go to the Subscription level and add the System Assigned Identity to the Reader role then it flows down to allow all resource groups. But you can’t explicitly select to apply the Reader Role to all resource groups
As the following image shows the above links display a field for “Resource group” where you can select and assign the Identity to “All Resource Groups”. In my portal I can’t find this and suspect the option no longer exists. As you can see from the image that follows this next one.