New-AzSynapseRoleAssignment
Creates a Synapse Analytics role assignment.
Syntax
New-AzSynapseRoleAssignment
-WorkspaceName <String>
-RoleDefinitionName <String>
-SignInName <String>
[-ItemType <WorkspaceItemType>]
[-Item <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzSynapseRoleAssignment
-WorkspaceName <String>
-RoleDefinitionName <String>
-ObjectId <String>
[-ItemType <WorkspaceItemType>]
[-Item <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzSynapseRoleAssignment
-WorkspaceName <String>
-RoleDefinitionId <String>
-ObjectId <String>
[-ItemType <WorkspaceItemType>]
[-Item <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzSynapseRoleAssignment
-WorkspaceName <String>
-RoleDefinitionName <String>
-ServicePrincipalName <String>
[-ItemType <WorkspaceItemType>]
[-Item <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzSynapseRoleAssignment
-WorkspaceObject <PSSynapseWorkspace>
-RoleDefinitionName <String>
-SignInName <String>
[-ItemType <WorkspaceItemType>]
[-Item <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzSynapseRoleAssignment
-WorkspaceObject <PSSynapseWorkspace>
-RoleDefinitionName <String>
-ObjectId <String>
[-ItemType <WorkspaceItemType>]
[-Item <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzSynapseRoleAssignment
-WorkspaceObject <PSSynapseWorkspace>
-RoleDefinitionId <String>
-ObjectId <String>
[-ItemType <WorkspaceItemType>]
[-Item <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzSynapseRoleAssignment
-WorkspaceObject <PSSynapseWorkspace>
-RoleDefinitionName <String>
-ServicePrincipalName <String>
[-ItemType <WorkspaceItemType>]
[-Item <String>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The New-AzSynapseRoleAssignment cmdlet creates an Azure Synapse Analytics role assignment.
The cmdlet may call below Microsoft Graph API according to input parameters:
- GET /users/{id}
- GET /servicePrincipals/{id}
Note
To create a role assignment for a service principal, pass the object ID of the principal in the ObjectId parameter. When you are a user with permission to manage Azure RBAC role assignment on the workspace but not a Synapse Administrator, please create Synapse Administrator role by -RoleDefinitionId and -ObjectId directly but not by -RoleDefinitionName, for Synapse Administrator, RoleDefinitionId is "00001111-aaaa-2222-bbbb-3333cccc4444", please take below Example 5 as reference. The reason for this is , when you try to add a "Synapse Administrator" role, the cmdlet needs to get the role ID from the role name which requires workspace read permission, which the current user does not have.
Examples
Example 1
New-AzSynapseRoleAssignment -WorkspaceName ContosoWorkspace -RoleDefinitionName ContosoRole -SignInName ContosoNameThis command assigns ContosoRole to the user whose principal name is ContosoName.
Example 2
New-AzSynapseRoleAssignment -WorkspaceName ContosoWorkspace -RoleDefinitionName ContosoRole -SignInName ContosoName -ItemType ContosoItemType -Item ContosoItemThis command assigns ContosoRole to the user whose principal name is ContosoName and item type is ContosoItemType, item is ContosoItem.
Example 3
New-AzSynapseRoleAssignment -WorkspaceName ContosoWorkspace -RoleDefinitionName ContosoRole -SignInName ContosoName -ItemType ContosoItemType -Item ContosoItemThis command assigns ContosoRole to the user whose principal name is ContosoName and item type is ContosoItemType, item is ContosoItem.
Example 4
$ws = Get-AzSynapseWorkspace -Name ContosoWorkspace
$ws | New-AzSynapseRoleAssignment -RoleDefinitionName ContosoRole -SignInName ContosoNameThis command assigns ContosoRole to the user whose principal name is ContosoName through pipeline.
Example 5
$ws = Get-AzSynapseWorkspace -Name ContosoWorkspace
$ws | New-AzSynapseRoleAssignment -RoleDefinitionId "00001111-aaaa-2222-bbbb-3333cccc4444" -ObjectId ContosoObjectIdThis command assigns Synapse Administrator role to the user whose object Id is ContosoObjectId through pipeline.
Parameters
-AsJob
Run cmdlet in the background
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Item
The workspace item.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ItemType
The workspace item type.
| Type: | Microsoft.Azure.Commands.Synapse.Models.SynapseConstants+WorkspaceItemType |
| Accepted values: | ApacheSparkPool, IntegrationRuntime, LinkedService, Credential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ObjectId
The Microsoft Entra ObjectId of the User, Group or Service Principal.
| Type: | String |
| Aliases: | Id, PrincipalId |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RoleDefinitionId
Id of the Role that is assigned to the principal.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RoleDefinitionName
Name of the Role that is assigned to the principal.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ServicePrincipalName
The ServicePrincipalName of the service principal.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SignInName
The email address or the user principal name of the user.
| Type: | String |
| Aliases: | Email, UserPrincipalName |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WorkspaceName
Name of Synapse workspace.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WorkspaceObject
workspace input object, usually passed through the pipeline.
| Type: | PSSynapseWorkspace |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Inputs
Outputs
Azure PowerShell