Modifier

Partager via


New-AzADServicePrincipalAppRoleAssignment

Create new navigation property to appRoleAssignments for servicePrincipals

Syntax

New-AzADServicePrincipalAppRoleAssignment
   -ServicePrincipalId <String>
   -ResourceId <String>
   [-AdditionalProperties <Hashtable>]
   [-AppRoleId <String>]
   [-DefaultProfile <PSObject>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
New-AzADServicePrincipalAppRoleAssignment
   -ServicePrincipalId <String>
   [-AdditionalProperties <Hashtable>]
   [-AppRoleId <String>]
   -ResourceDisplayName <String>
   [-DefaultProfile <PSObject>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
New-AzADServicePrincipalAppRoleAssignment
   -ResourceId <String>
   [-AdditionalProperties <Hashtable>]
   [-AppRoleId <String>]
   -ServicePrincipalDisplayName <String>
   [-DefaultProfile <PSObject>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
New-AzADServicePrincipalAppRoleAssignment
   [-AdditionalProperties <Hashtable>]
   [-AppRoleId <String>]
   -ResourceDisplayName <String>
   -ServicePrincipalDisplayName <String>
   [-DefaultProfile <PSObject>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

Create new navigation property to appRoleAssignments for servicePrincipals

Examples

Example 1: ObjectIdWithResourceIdParameterSet

New-AzADServicePrincipalAppRoleAssignment -ServicePrincipalId 00001111-aaaa-2222-bbbb-3333cccc4444 -ResourceId a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 -AppRoleId b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2

Id                                          AppRoleId                            PrincipalDisplayName PrincipalId                          CreatedDateTime
--                                          ---------                            -------------------- -----------                          ---------------
Zbm-cUeDXUmlicIc3eenIkgIm8kv9kJPj4MFhepACNE b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 funapp1214           00001111-aaaa-2222-bbbb-3333cccc4444 12/14/2023 7:04:28 AM

Create an appRoleAssignment using ServicePrincipalId and ResourceId.

Example 2: SPNWithResourceDisplayNameParameterSet

New-AzADServicePrincipalAppRoleAssignment -ServicePrincipalDisplayName funapp1214 -ResourceDisplayName nori-sp -AppRoleId b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2

Id                                          AppRoleId                            PrincipalDisplayName PrincipalId                          CreatedDateTime
--                                          ---------                            -------------------- -----------                          ---------------
Zbm-cUeDXUmlicIc3eenIlqgWRlWp2hFrXIJiqP2j78 b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 funapp1214           00001111-aaaa-2222-bbbb-3333cccc4444 12/14/2023 7:07:16 AM

Create an appRoleAssignment for service principal using ServicePrincipal DisplayName and Resource DisplayName.

Parameters

-AdditionalProperties

ParameterSetName='CreateExpanded')] Additional Parameters

Type:Hashtable
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-AppRoleId

The identifier (id) for the app role which is assigned to the principal. This app role must be exposed in the appRoles property on the resource application's service principal (resourceId). If the resource application has not declared any app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal is assigned to the resource app without any specific app roles. Required on create.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:PSObject
Aliases:AzureRMContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ResourceDisplayName

The display name of the resource app's service principal to which the assignment is made.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-ResourceId

The unique identifier (id) for the resource service principal for which the assignment is made. Required on create. Supports $filter (eq only).

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-ServicePrincipalDisplayName

The name displayed in directory

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-ServicePrincipalId

The unique identifier (id) for the user, group or service principal being granted the app role. Required on create.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

IMicrosoftGraphAppRoleAssignment

Outputs

IMicrosoftGraphAppRoleAssignment