New-AzADServicePrincipalAppRoleAssignment
Create new navigation property to appRoleAssignments for servicePrincipals
Syntax
New-AzADServicePrincipalAppRoleAssignment
-ServicePrincipalId <String>
-ResourceId <String>
[-AdditionalProperties <Hashtable>]
[-AppRoleId <String>]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzADServicePrincipalAppRoleAssignment
-ServicePrincipalId <String>
[-AdditionalProperties <Hashtable>]
[-AppRoleId <String>]
-ResourceDisplayName <String>
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzADServicePrincipalAppRoleAssignment
-ResourceId <String>
[-AdditionalProperties <Hashtable>]
[-AppRoleId <String>]
-ServicePrincipalDisplayName <String>
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzADServicePrincipalAppRoleAssignment
[-AdditionalProperties <Hashtable>]
[-AppRoleId <String>]
-ResourceDisplayName <String>
-ServicePrincipalDisplayName <String>
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Create new navigation property to appRoleAssignments for servicePrincipals
Examples
Example 1: ObjectIdWithResourceIdParameterSet
New-AzADServicePrincipalAppRoleAssignment -ServicePrincipalId 71beb965-8347-495d-a589-c21cdde7a722 -ResourceId 351fa797-c81a-4998-9720-4c2ecb6c7abc -AppRoleId 649ae968-bdf9-4f22-bb2c-2aa1b4af0a83
Id AppRoleId PrincipalDisplayName PrincipalId CreatedDateTime
-- --------- -------------------- ----------- ---------------
Zbm-cUeDXUmlicIc3eenIkgIm8kv9kJPj4MFhepACNE 649ae968-bdf9-4f22-bb2c-2aa1b4af0a83 funapp1214 71beb965-8347-495d-a589-c21cdde7a722 12/14/2023 7:04:28 AM
Create an appRoleAssignment using ServicePrincipalId and ResourceId.
Example 2: SPNWithResourceDisplayNameParameterSet
New-AzADServicePrincipalAppRoleAssignment -ServicePrincipalDisplayName funapp1214 -ResourceDisplayName nori-sp -AppRoleId 649ae968-bdf9-4f22-bb2c-2aa1b4af0a83
Id AppRoleId PrincipalDisplayName PrincipalId CreatedDateTime
-- --------- -------------------- ----------- ---------------
Zbm-cUeDXUmlicIc3eenIlqgWRlWp2hFrXIJiqP2j78 649ae968-bdf9-4f22-bb2c-2aa1b4af0a83 funapp1214 71beb965-8347-495d-a589-c21cdde7a722 12/14/2023 7:07:16 AM
Create an appRoleAssignment for service principal using ServicePrincipal DisplayName and Resource DisplayName.
Parameters
-AdditionalProperties
ParameterSetName='CreateExpanded')] Additional Parameters
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppRoleId
The identifier (id) for the app role which is assigned to the principal. This app role must be exposed in the appRoles property on the resource application's service principal (resourceId). If the resource application has not declared any app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal is assigned to the resource app without any specific app roles. Required on create.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Type: | PSObject |
Aliases: | AzureRMContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResourceDisplayName
The display name of the resource app's service principal to which the assignment is made.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResourceId
The unique identifier (id) for the resource service principal for which the assignment is made. Required on create. Supports $filter (eq only).
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ServicePrincipalDisplayName
The name displayed in directory
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ServicePrincipalId
The unique identifier (id) for the user, group or service principal being granted the app role. Required on create.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
IMicrosoftGraphAppRoleAssignment
Outputs
Azure PowerShell