Update-AzRoleManagementPolicy
Memutakhirkan kebijakan manajemen peran
Sintaks
Update-AzRoleManagementPolicy
-Name <String>
-Scope <String>
[-Description <String>]
[-DisplayName <String>]
[-IsOrganizationDefault]
[-Rule <IRoleManagementPolicyRule[]>]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Update-AzRoleManagementPolicy
-InputObject <IAuthorizationIdentity>
[-Description <String>]
[-DisplayName <String>]
[-IsOrganizationDefault]
[-Rule <IRoleManagementPolicyRule[]>]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Deskripsi
Memutakhirkan kebijakan manajemen peran
Contoh
Contoh 1: Memperbarui aturan kedaluwarsa kebijakan
$scope = "/subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/"
$expirationRule = [RoleManagementPolicyExpirationRule]@{
isExpirationRequired = "false";
maximumDuration = "P180D";
id = "Expiration_Admin_Eligibility";
ruleType = [RoleManagementPolicyRuleType]("RoleManagementPolicyExpirationRule");
targetCaller = "Admin";
targetOperation = @('All');
targetLevel = "Eligibility";
targetObject = $null;
targetInheritableSetting = $null;
targetEnforcedSetting = $null;
}
$rules = [IRoleManagementPolicyRule[]]@($expirationRule)
Update-AzRoleManagementPolicy -Scope $scope -Name "33b520ea-3544-4abc-8565-3588deb8e68e" -Rule $rules
Name Type Scope
---- ---- -----
33b520ea-3544-4abc-8565-3588deb8e68e Microsoft.Authorization/roleManagementPolicies /subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d
Setiap individu Rule
pada kebijakan dapat diperbarui secara independen.
Contoh 2: Memperbarui aturan kedaluwarsa dan aturan pemberitahuan kebijakan
$scope = "/subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/"
$expirationRule = [RoleManagementPolicyExpirationRule]@{
isExpirationRequired = "false";
maximumDuration = "P180D";
id = "Expiration_Admin_Eligibility";
ruleType = [RoleManagementPolicyRuleType]("RoleManagementPolicyExpirationRule");
targetCaller = "Admin";
targetOperation = @('All');
targetLevel = "Eligibility";
targetObject = $null;
targetInheritableSetting = $null;
targetEnforcedSetting = $null;
}
$notificationRule = [RoleManagementPolicyNotificationRule]@{
notificationType = "Email";
recipientType = "Approver";
isDefaultRecipientsEnabled = "false";
notificationLevel = "Critical";
notificationRecipient = $null;
id = "Notification_Approver_Admin_Eligibility";
ruleType = [RoleManagementPolicyRuleType]("RoleManagementPolicyNotificationRule");
targetCaller = "Admin";
targetOperation = @('All');
targetLevel = "Eligibility";
targetObject = $null;
targetInheritableSetting = $null;
targetEnforcedSetting = $null;
}
$rules = [IRoleManagementPolicyRule[]]@($expirationRule, $notificationRule)
Update-AzRoleManagementPolicy -Scope $scope -Name "33b520ea-3544-4abc-8565-3588deb8e68e" -Rule $rules
Name Type Scope
---- ---- -----
33b520ea-3544-4abc-8565-3588deb8e68e Microsoft.Authorization/roleManagementPolicies /subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d
Beberapa Rule
dapat diperbarui bersama-sama.
Parameter
-Confirm
Meminta Anda mengonfirmasi sebelum menjalankan cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultProfile
Parameter DefaultProfile tidak berfungsi. Gunakan parameter SubscriptionId saat tersedia jika menjalankan cmdlet terhadap langganan yang berbeda.
Type: | PSObject |
Aliases: | AzureRMContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Description
Deskripsi kebijakan manajemen peran.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DisplayName
Nama tampilan kebijakan manajemen peran.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-InputObject
Parameter Identitas Untuk membangun, lihat bagian CATATAN untuk properti INPUTOBJECT dan membuat tabel hash.
Type: | IAuthorizationIdentity |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-IsOrganizationDefault
Kebijakan manajemen peran adalah kebijakan default.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Name
Nama (guid) dari kebijakan manajemen peran ke upsert.
Type: | String |
Aliases: | RoleManagementPolicyName |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Rule
Aturan diterapkan ke kebijakan. Untuk membuat, lihat bagian CATATAN untuk properti ATURAN dan membuat tabel hash.
Type: | IRoleManagementPolicyRule[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Scope
Cakupan kebijakan manajemen peran untuk upsert.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Menunjukkan apa yang akan terjadi jika cmdlet berjalan. Cmdlet tidak dijalankan.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Input
Output
Azure PowerShell
Saran dan Komentar
https://aka.ms/ContentUserFeedback.
Segera hadir: Sepanjang tahun 2024 kami akan menghentikan penggunaan GitHub Issues sebagai mekanisme umpan balik untuk konten dan menggantinya dengan sistem umpan balik baru. Untuk mengetahui informasi selengkapnya, lihat:Kirim dan lihat umpan balik untuk