Update-AzRoleManagementPolicy
Uppdatera en princip för rollhantering
Syntax
Update-AzRoleManagementPolicy
-Name <String>
-Scope <String>
[-Description <String>]
[-DisplayName <String>]
[-IsOrganizationDefault]
[-Rule <IRoleManagementPolicyRule[]>]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Update-AzRoleManagementPolicy
-InputObject <IAuthorizationIdentity>
[-Description <String>]
[-DisplayName <String>]
[-IsOrganizationDefault]
[-Rule <IRoleManagementPolicyRule[]>]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
Uppdatera en princip för rollhantering
Exempel
Exempel 1: Uppdatera förfalloregeln för en princip
$scope = "/subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/"
$expirationRule = [RoleManagementPolicyExpirationRule]@{
isExpirationRequired = "false";
maximumDuration = "P180D";
id = "Expiration_Admin_Eligibility";
ruleType = [RoleManagementPolicyRuleType]("RoleManagementPolicyExpirationRule");
targetCaller = "Admin";
targetOperation = @('All');
targetLevel = "Eligibility";
targetObject = $null;
targetInheritableSetting = $null;
targetEnforcedSetting = $null;
}
$rules = [IRoleManagementPolicyRule[]]@($expirationRule)
Update-AzRoleManagementPolicy -Scope $scope -Name "33b520ea-3544-4abc-8565-3588deb8e68e" -Rule $rules
Name Type Scope
---- ---- -----
33b520ea-3544-4abc-8565-3588deb8e68e Microsoft.Authorization/roleManagementPolicies /subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0dVarje individ Rule i en princip kan uppdateras oberoende av varandra.
Exempel 2: Uppdatera förfalloregeln och en meddelanderegel för en princip
$scope = "/subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/"
$expirationRule = [RoleManagementPolicyExpirationRule]@{
isExpirationRequired = "false";
maximumDuration = "P180D";
id = "Expiration_Admin_Eligibility";
ruleType = [RoleManagementPolicyRuleType]("RoleManagementPolicyExpirationRule");
targetCaller = "Admin";
targetOperation = @('All');
targetLevel = "Eligibility";
targetObject = $null;
targetInheritableSetting = $null;
targetEnforcedSetting = $null;
}
$notificationRule = [RoleManagementPolicyNotificationRule]@{
notificationType = "Email";
recipientType = "Approver";
isDefaultRecipientsEnabled = "false";
notificationLevel = "Critical";
notificationRecipient = $null;
id = "Notification_Approver_Admin_Eligibility";
ruleType = [RoleManagementPolicyRuleType]("RoleManagementPolicyNotificationRule");
targetCaller = "Admin";
targetOperation = @('All');
targetLevel = "Eligibility";
targetObject = $null;
targetInheritableSetting = $null;
targetEnforcedSetting = $null;
}
$rules = [IRoleManagementPolicyRule[]]@($expirationRule, $notificationRule)
Update-AzRoleManagementPolicy -Scope $scope -Name "33b520ea-3544-4abc-8565-3588deb8e68e" -Rule $rules
Name Type Scope
---- ---- -----
33b520ea-3544-4abc-8565-3588deb8e68e Microsoft.Authorization/roleManagementPolicies /subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0dFlera Rule kan uppdateras tillsammans.
Parametrar
-Confirm
Uppmanar dig att bekräfta innan du kör cmdleten.
| Typ: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| standardvärde: | None |
| Obligatorisk: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
Parametern DefaultProfile fungerar inte. Använd parametern SubscriptionId när den är tillgänglig om du kör cmdleten mot en annan prenumeration.
| Typ: | PSObject |
| Aliases: | AzureRMContext, AzureCredential |
| Position: | Named |
| standardvärde: | None |
| Obligatorisk: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Description
Beskrivning av rollhanteringsprincipen.
| Typ: | String |
| Position: | Named |
| standardvärde: | None |
| Obligatorisk: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DisplayName
Visningsnamnet för rollhanteringsprincipen.
| Typ: | String |
| Position: | Named |
| standardvärde: | None |
| Obligatorisk: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-InputObject
Identitetsparameter För att skapa, se AVSNITTET ANTECKNINGAR för INPUTOBJECT-egenskaper och skapa en hash-tabell.
| Typ: | IAuthorizationIdentity |
| Position: | Named |
| standardvärde: | None |
| Obligatorisk: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-IsOrganizationDefault
Rollhanteringsprincipen är standardprincip.
| Typ: | SwitchParameter |
| Position: | Named |
| standardvärde: | None |
| Obligatorisk: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Name
Namnet (guid) på rollhanteringsprincipen till upsert.
| Typ: | String |
| Aliases: | RoleManagementPolicyName |
| Position: | Named |
| standardvärde: | None |
| Obligatorisk: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Rule
Regeln som tillämpas på principen. Information om hur du skapar finns i AVSNITTET ANTECKNINGAR för RULE-egenskaper och skapa en hash-tabell.
| Typ: | IRoleManagementPolicyRule[] |
| Position: | Named |
| standardvärde: | None |
| Obligatorisk: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Scope
Omfånget för rollhanteringsprincipen till upsert.
| Typ: | String |
| Position: | Named |
| standardvärde: | None |
| Obligatorisk: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Visar vad som skulle hända om cmdleten kördes. Cmdleten körs inte.
| Typ: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| standardvärde: | None |
| Obligatorisk: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |