New-AzADServicePrincipalAppRoleAssignment

Module:

Az.Resources Module

Create new navigation property to appRoleAssignments for servicePrincipals

Syntax

ObjectIdWithResourceIdParameterSet (Default)

New-AzADServicePrincipalAppRoleAssignment
    -ServicePrincipalId <String>
    -ResourceId <String>
    [-AdditionalProperties <Hashtable>]
    [-AppRoleId <String>]
    [-DefaultProfile <PSObject>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

ObjectIdWithResourceDisplayNameParameterSet

New-AzADServicePrincipalAppRoleAssignment
    -ServicePrincipalId <String>
    -ResourceDisplayName <String>
    [-AdditionalProperties <Hashtable>]
    [-AppRoleId <String>]
    [-DefaultProfile <PSObject>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

SPNWithResourceIdParameterSet

New-AzADServicePrincipalAppRoleAssignment
    -ResourceId <String>
    -ServicePrincipalDisplayName <String>
    [-AdditionalProperties <Hashtable>]
    [-AppRoleId <String>]
    [-DefaultProfile <PSObject>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

SPNWithResourceDisplayNameParameterSet

New-AzADServicePrincipalAppRoleAssignment
    -ResourceDisplayName <String>
    -ServicePrincipalDisplayName <String>
    [-AdditionalProperties <Hashtable>]
    [-AppRoleId <String>]
    [-DefaultProfile <PSObject>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Description

Create new navigation property to appRoleAssignments for servicePrincipals

Examples

Example 1: ObjectIdWithResourceIdParameterSet

New-AzADServicePrincipalAppRoleAssignment -ServicePrincipalId 71beb965-8347-495d-a589-c21cdde7a722 -ResourceId 351fa797-c81a-4998-9720-4c2ecb6c7abc -AppRoleId 649ae968-bdf9-4f22-bb2c-2aa1b4af0a83

Id                                          AppRoleId                            PrincipalDisplayName PrincipalId                          CreatedDateTime
--                                          ---------                            -------------------- -----------                          ---------------
Zbm-cUeDXUmlicIc3eenIkgIm8kv9kJPj4MFhepACNE 649ae968-bdf9-4f22-bb2c-2aa1b4af0a83 funapp1214           71beb965-8347-495d-a589-c21cdde7a722 12/14/2023 7:04:28 AM

Create an appRoleAssignment using ServicePrincipalId and ResourceId.

Example 2: SPNWithResourceDisplayNameParameterSet

New-AzADServicePrincipalAppRoleAssignment -ServicePrincipalDisplayName funapp1214 -ResourceDisplayName nori-sp -AppRoleId 649ae968-bdf9-4f22-bb2c-2aa1b4af0a83

Id                                          AppRoleId                            PrincipalDisplayName PrincipalId                          CreatedDateTime
--                                          ---------                            -------------------- -----------                          ---------------
Zbm-cUeDXUmlicIc3eenIlqgWRlWp2hFrXIJiqP2j78 649ae968-bdf9-4f22-bb2c-2aa1b4af0a83 funapp1214           71beb965-8347-495d-a589-c21cdde7a722 12/14/2023 7:07:16 AM

Create an appRoleAssignment for service principal using ServicePrincipal DisplayName and Resource DisplayName.

Parameters

-AdditionalProperties

ParameterSetName='CreateExpanded')] Additional Parameters

Parameter properties

Type:	Hashtable
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-AppRoleId

The identifier (id) for the app role which is assigned to the principal. This app role must be exposed in the appRoles property on the resource application's service principal (resourceId). If the resource application has not declared any app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal is assigned to the resource app without any specific app roles. Required on create.

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-Confirm

Prompts you for confirmation before running the cmdlet.

Parameter properties

Type:	SwitchParameter
Default value:	None
Supports wildcards:	False
DontShow:	False
Aliases:	cf

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Parameter properties

Type:	PSObject
Default value:	None
Supports wildcards:	False
DontShow:	False
Aliases:	AzureRMContext, AzureCredential

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-ResourceDisplayName

The display name of the resource app's service principal to which the assignment is made.

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ObjectIdWithResourceDisplayNameParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

SPNWithResourceDisplayNameParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-ResourceId

The unique identifier (id) for the resource service principal for which the assignment is made. Required on create. Supports $filter (eq only).

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ObjectIdWithResourceIdParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

SPNWithResourceIdParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-ServicePrincipalDisplayName

The name displayed in directory

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

SPNWithResourceIdParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

SPNWithResourceDisplayNameParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-ServicePrincipalId

The unique identifier (id) for the user, group or service principal being granted the app role. Required on create.

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ObjectIdWithResourceIdParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

ObjectIdWithResourceDisplayNameParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Parameter properties

Type:	SwitchParameter
Default value:	None
Supports wildcards:	False
DontShow:	False
Aliases:	wi

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

IMicrosoftGraphAppRoleAssignment

Outputs

IMicrosoftGraphAppRoleAssignment