New-AzRoleAssignmentScheduleRequest
Creates a role assignment schedule request.
Syntax
New-AzRoleAssignmentScheduleRequest
-Name <String>
-Scope <String>
[-Condition <String>]
[-ConditionVersion <String>]
[-ExpirationDuration <String>]
[-ExpirationEndDateTime <DateTime>]
[-ExpirationType <Type>]
[-Justification <String>]
[-LinkedRoleEligibilityScheduleId <String>]
[-PrincipalId <String>]
[-RequestType <RequestType>]
[-RoleDefinitionId <String>]
[-ScheduleInfoStartDateTime <DateTime>]
[-TargetRoleAssignmentScheduleId <String>]
[-TargetRoleAssignmentScheduleInstanceId <String>]
[-TicketNumber <String>]
[-TicketSystem <String>]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
Creates a role assignment schedule request.
Examples
Example 1: Create a new role assignment schedule request as Admin
$guid = "12f8978c-5d8d-4fbf-b4b6-2f43eeb43eca"
$startTime = Get-Date -Format o
$scope = "/subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/"
New-AzRoleAssignmentScheduleRequest -Name $guid -Scope $scope -ExpirationDuration PT1H -ExpirationType AfterDuration -PrincipalId 5a4bdd72-ab3e-4d8e-ab0f-8dd8917481a2 -RequestType AdminAssign -RoleDefinitionId subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7 -ScheduleInfoStartDateTime $startTime
Name Type Scope RoleDefinitionId
---- ---- ----- ----------------
12f8978c-5d8d-4fbf-b4b6-2f43eeb43eca Microsoft.Authorization/roleAssignmentScheduleRequests /subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d /subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/providers/Microsoft.Authori…Creates a request to provision an active assignment of roleDefinition on the scope for the specified principal
Example 2: Remove a role assignment schedule request as Admin
$guid = "13f8978c-5d8d-4fbf-b4b6-2f43eeb43eca"
$startTime = Get-Date -Format o
$scope = "/subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/"
New-AzRoleAssignmentScheduleRequest -Name $guid -Scope $scope -ExpirationDuration PT1H -ExpirationType AfterDuration -PrincipalId 5a4bdd72-ab3e-4d8e-ab0f-8dd8917481a2 -RequestType AdminRemove -RoleDefinitionId subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7 -ScheduleInfoStartDateTime $startTime
Name Type Scope RoleDefinitionId
---- ---- ----- ----------------
13f8978c-5d8d-4fbf-b4b6-2f43eeb43eca Microsoft.Authorization/roleAssignmentScheduleRequests /subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d /subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/providers/Microsoft.Authori…Creates a request to remove an active assignment of roleDefinition on the scope for the specified principal
Example 3: Activate a new role assignment schedule request as user
$guid = "12f8978c-5d8d-4fbf-b4b6-2f43eeb43eca"
$startTime = Get-Date -Format o
$scope = "/subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/"
New-AzRoleAssignmentScheduleRequest -Name $guid -Scope $scope -ExpirationDuration PT1H -ExpirationType AfterDuration -PrincipalId 5a4bdd72-ab3e-4d8e-ab0f-8dd8917481a2 -RequestType SelfActivate -RoleDefinitionId subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7 -ScheduleInfoStartDateTime $startTime
Name Type Scope RoleDefinitionId
---- ---- ----- ----------------
12f8978c-5d8d-4fbf-b4b6-2f43eeb43eca Microsoft.Authorization/roleAssignmentScheduleRequests /subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d /subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/providers/Microsoft.Authori…Creates a request to activate an eligible assignment of roleDefinition on the scope for the specified principal
Example 4: Deactivate a role assignment schedule request as user
$guid = "12f8978c-5d8d-4fbf-b4b6-2f43eeb43eca"
$startTime = Get-Date -Format o
$scope = "/subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/"
New-AzRoleAssignmentScheduleRequest -Name $guid -Scope $scope -ExpirationDuration PT1H -ExpirationType AfterDuration -PrincipalId 5a4bdd72-ab3e-4d8e-ab0f-8dd8917481a2 -RequestType SelfDeactivate -RoleDefinitionId subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7 -ScheduleInfoStartDateTime $startTime
Name Type Scope RoleDefinitionId
---- ---- ----- ----------------
12f8978c-5d8d-4fbf-b4b6-2f43eeb43eca Microsoft.Authorization/roleAssignmentScheduleRequests /subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d /subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/providers/Microsoft.Authori…Creates a request to deactivate an eligible assignment of roleDefinition on the scope for the specified principal
Parameters
-Condition
The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ConditionVersion
Version of the condition. Currently accepted value is '2.0'
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
The DefaultProfile parameter is not functional. Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription.
| Type: | PSObject |
| Aliases: | AzureRMContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ExpirationDuration
Duration of the role assignment schedule in TimeSpan.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ExpirationEndDateTime
End DateTime of the role assignment schedule.
| Type: | DateTime |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ExpirationType
Type of the role assignment schedule expiration
| Type: | Type |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Justification
Justification for the role assignment
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-LinkedRoleEligibilityScheduleId
The linked role eligibility schedule id - to activate an eligibility.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Name
The name of the role assignment to create. It can be any valid GUID.
| Type: | String |
| Aliases: | RoleAssignmentScheduleRequestName |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-PrincipalId
The principal ID.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RequestType
The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc
| Type: | RequestType |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RoleDefinitionId
The role definition ID.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ScheduleInfoStartDateTime
Start DateTime of the role assignment schedule.
| Type: | DateTime |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Scope
The scope of the role assignment schedule request to create. The scope can be any REST resource instance. For example, use '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/' for a subscription, '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TargetRoleAssignmentScheduleId
The resultant role assignment schedule id or the role assignment schedule id being updated
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TargetRoleAssignmentScheduleInstanceId
The role assignment schedule instance id being updated
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TicketNumber
Ticket number for the role assignment
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TicketSystem
Ticket system name for the role assignment
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Outputs
Azure PowerShell