你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn

Get-AzKeyVaultRoleDefinition

List role definitions of a given managed HSM at a given scope.

语法

Interactive (默认值)

Get-AzKeyVaultRoleDefinition
    [-HsmName] <String>
    [-Scope <String>]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]

CustomOnly

Get-AzKeyVaultRoleDefinition
    [-HsmName] <String>
    [-Scope <String>]
    [-Custom]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]

ByName

Get-AzKeyVaultRoleDefinition
    [-HsmName] <String>
    -RoleDefinitionName <String>
    [-Scope <String>]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]

说明

List role definitions of a given managed HSM at a given scope.

示例

Example 1

Get-AzKeyVaultRoleDefinition -HsmName myHsm -Scope "/keys"
RoleName                              Description Permissions
--------                              ----------- -----------
Managed HSM Administrator                         1 permission(s)
Managed HSM Crypto Officer                        1 permission(s)
Managed HSM Crypto User                           1 permission(s)
Managed HSM Policy Administrator                  1 permission(s)
Managed HSM Crypto Auditor                        1 permission(s)
Managed HSM Crypto Service Encryption             1 permission(s)
Managed HSM Backup                                1 permission(s)

The example lists all the roles at "/keys" scope.

Example 2

$backupRole = Get-AzKeyVaultRoleDefinition -HsmName myHsm -RoleDefinitionName "Managed HSM Backup User"

$backupRole.Permissions

Actions     NotActions  DataActions NotDataActions
-------     ----------  ----------- --------------
0 action(s) 0 action(s) 3 action(s) 0 action(s)

$backupRole.Permissions.DataActions

Microsoft.KeyVault/managedHsm/backup/start/action
Microsoft.KeyVault/managedHsm/backup/status/action
Microsoft.KeyVault/managedHsm/keys/backup/action

The example gets the "Managed HSM Backup" role and inspects its permissions.

Example 3

Get-AzKeyVaultRoleDefinition -HsmName myHsm -Custom

This example lists all the custom role definitions belong to "myHsm".

参数

-Custom

If specified, only displays the custom created roles in the directory.

参数属性

类型:SwitchParameter
默认值:None
支持通配符:False
不显示:False

参数集

CustomOnly
Position:Named
必需:True
来自管道的值:False
来自管道的值(按属性名称):False
来自剩余参数的值:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

参数属性

类型:IAzureContextContainer
默认值:None
支持通配符:False
不显示:False
别名:AzContext, AzureRmContext, AzureCredential

参数集

(All)
Position:Named
必需:False
来自管道的值:False
来自管道的值(按属性名称):False
来自剩余参数的值:False

-HsmName

Name of the HSM.

参数属性

类型:String
默认值:None
支持通配符:False
不显示:False

参数集

(All)
Position:1
必需:True
来自管道的值:False
来自管道的值(按属性名称):False
来自剩余参数的值:False

-RoleDefinitionName

Name of the role definition to get.

参数属性

类型:String
默认值:None
支持通配符:False
不显示:False
别名:RoleName

参数集

ByName
Position:Named
必需:True
来自管道的值:False
来自管道的值(按属性名称):False
来自剩余参数的值:False

-Scope

Scope at which the role assignment or definition applies to, e.g., '/' or '/keys' or '/keys/{keyName}'. '/' is used when omitted.

参数属性

类型:String
默认值:None
支持通配符:False
不显示:False

参数集

(All)
Position:Named
必需:False
来自管道的值:False
来自管道的值(按属性名称):False
来自剩余参数的值:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

输入

None

输出

PSKeyVaultRoleDefinition