az blueprint artifact role
Note
This reference is part of the blueprint extension for the Azure CLI (version 2.50.0 or higher). The extension will automatically install the first time you run an az blueprint artifact role command. Learn more about extensions.
Commands to manage blueprint role assignment artifact.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az blueprint artifact role create |
Create blueprint role artifact. |
Extension | GA |
| az blueprint artifact role update |
Update blueprint role artifact. |
Extension | GA |
az blueprint artifact role create
Create blueprint role artifact.
az blueprint artifact role create --artifact-name
--blueprint-name
--principal-ids
--role-definition-id
[--depends-on]
[--description]
[--display-name]
[--management-group]
[--resource-group-art]
[--subscription]Examples
Create a role artifact
az blueprint artifact role create \
--blueprint-name MyBlueprint --artifact-name MyRole --role-definition-id \
"/providers/Microsoft.Authorization/roleDefinitions/00000000-0000-0000-0000-000000000000" \
--principal-ids "[parameters('[Usergrouporapplicationname]:MyRoleAssignmentName')]"Required Parameters
Name of the blueprint artifact.
Name of the blueprint definition.
Array of user or group identities in Azure Active Directory or a reference to the corresponding parameter in blueprint definiton. The roleDefinition will apply to each identity.
The full role definition id. Only built-in roles are supported.
Optional Parameters
Artifacts which need to be deployed before the specified artifact.
Description of the blueprint artifact.
DisplayName of this artifact.
Use management group for the scope of the blueprint.
Name of the resource group artifact to which the policy will be assigned.
Use subscription for the scope of the blueprint. If --management-group is not specified, --subscription value or the default subscription will be used as the scope.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az blueprint artifact role update
Update blueprint role artifact.
az blueprint artifact role update --artifact-name
--blueprint-name
[--depends-on]
[--description]
[--display-name]
[--management-group]
[--resource-group-art]
[--subscription]Examples
Update a role artifact
az blueprint artifact role update \
--blueprint-name MyBlueprint --artifact-name MyRole --display-name "My Big Role"Required Parameters
Name of the blueprint artifact.
Name of the blueprint definition.
Optional Parameters
Artifacts which need to be deployed before the specified artifact. Use '--depends-on' with no values to remove dependencies.
Description of the blueprint artifact.
DisplayName of this artifact.
Use management group for the scope of the blueprint.
Name of the resource group artifact to which the policy will be assigned.
Use subscription for the scope of the blueprint. If --management-group is not specified, --subscription value or the default subscription will be used as the scope.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for