New-AzManagedServicesAuthorizationObject

Reference

Module:: Az.ManagedServices

Create an in-memory object for Authorization.

Syntax

New-AzManagedServicesAuthorizationObject
   -PrincipalId <String>
   -RoleDefinitionId <String>
   [-DelegatedRoleDefinitionId <String[]>]
   [-PrincipalIdDisplayName <String>]
   [<CommonParameters>]

Description

Create an in-memory object for Authorization.

Examples

Example 1: Create new Azure Lighthouse Authorization object to use with Registration definition

New-AzManagedServicesAuthorizationObject -PrincipalId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -RoleDefinitionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -PrincipalIdDisplayName "Test user"

DelegatedRoleDefinitionId PrincipalId                          PrincipalIdDisplayName RoleDefinitionId
------------------------- -----------                          ---------------------- ----------------
                          xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx Test user              xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Creates new Azure Lighthouse authorization object to use with Registration definition.

Example 2: Create new Azure Lighthouse Authorization object with delegatedRoleDefinitionIds

New-AzManagedServicesAuthorizationObject -PrincipalId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -RoleDefinitionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -PrincipalIdDisplayName "Test user" -DelegatedRoleDefinitionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

DelegatedRoleDefinitionId                                                    PrincipalId                          PrincipalIdDisplayName RoleDefinitionId
-------------------------                                                    -----------                          ---------------------- ----------------
{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx, xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx Test user              xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Creates new Azure Lighthouse authorization object with delegatedRoleDefinitionIds.

Parameters

-DelegatedRoleDefinitionId

The delegatedRoleDefinitionIds field is required when the roleDefinitionId refers to the User Access Administrator Role. It is the list of role definition ids which define all the permissions that the user in the authorization can assign to other principals.

Type:	String[]
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-PrincipalId

The identifier of the Azure Active Directory principal.

Type:	String
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-PrincipalIdDisplayName

The display name of the Azure Active Directory principal.

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-RoleDefinitionId

The identifier of the Azure built-in role that defines the permissions that the Azure Active Directory principal will have on the projected scope.

Type:	String
Position:	Named
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False

Outputs

Authorization

Partager via