New-AzBlueprintAssignment
Assign a blueprint definition to a subscription or a management group.
Syntax
New-AzBlueprintAssignment
-Name <String>
-Blueprint <PSBlueprintBase>
-Location <String>
[-SystemAssignedIdentity]
[-UserAssignedIdentity <String>]
[-Lock <PSLockMode>]
[-SecureStringParameter <Hashtable>]
[-ResourceGroupParameter <Hashtable>]
[-Parameter <Hashtable>]
[-ManagementGroupId <String>]
[-SubscriptionId <String[]>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzBlueprintAssignment
-Name <String>
[-Blueprint <PSBlueprintBase>]
[-AssignmentFile <String>]
[-ManagementGroupId <String>]
[-SubscriptionId <String[]>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Assign a blueprint definition to a subscription.
Examples
Example 1
$rg = @{ResourceGroup=@{name='storage_rg';location='eastus'}}
$params = @{applytaganditsdefaultvalue_tagName="Department_Cost_Center"; applytaganditsdefaultvalue_tagValue="Contoso/RnD/Dev/986754"}
$blueprintObject = Get-AzBlueprint -SubscriptionId "aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e" -Name "myBlueprintName"
$secureString = @{mySecureStringParam=@{keyVaultId='/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/rsourcegroups/myResourceGroup/providers/Microsoft.Keyvault/Vaults/myKeyVault';secretName='mySecret';secretVersion='1.0'}}
New-AzBlueprintAssignment -Name "myAssignment" -Blueprint $blueprintObject -SubscriptionId "aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e" -Location "West US" -ResourceGroupParameter $rg -Parameter $params -SecureStringParameter $secureString
Name : myAssignment
Id : /subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/providers/Microsoft.Blueprint/blueprintAssignments/myAssignment
Scope : /subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e
LastModified : 2019-01-08
LockMode : None
ProvisioningState : Creating
Parameters : {applytaganditsdefaultvalue_tagName, applytaganditsdefaultvalue_tagValue}
ResourceGroups : ResourceGroup
Create a new blueprint assignment of the blueprint definition $blueprintObject
within the specified subscription using the defined parameter and resource group dictionary. Uses system-assigned identity. The location defines the region for creating the managed identity.
Example 2
New-AzBlueprintAssignment -Name "myAssignment" -Blueprint $blueprintObject -SubscriptionId aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e -Location "West US" -Parameter @{P1="v1"; P2="v2"} -Lock AllResourcesReadOnly
Create a new blueprint assignment of the blueprint definition $blueprintObject
within the specified subscription using the defined parameter and resource group dictionary and configuring resource locking to AllResources. Defaults to using system-assigned identity. The location defines the region for creating the managed identity.
Example 3
New-AzBlueprintAssignment -Name "myAssignment" -Blueprint $blueprintObject -SubscriptionId aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e -Location "West US" -Parameter @{P1="v1"; P2="v2"} -UserAssignedIdentity "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/my-resource-group/providers/Microsoft.ManagedIdentity/userAssignedIdentities/my-user-defined-identity"
Create a new blueprint assignment of the blueprint definition $blueprintObject
within the specified subscription using the defined parameter and resource group dictionary using the specified user-assigned identity id.
Example 4
$blueprintObject = Get-AzBlueprint -SubscriptionId "aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e" -Name "myBlueprintName"
New-AzBlueprintAssignment -Name "myAssignment" -Blueprint $blueprintObject -SubscriptionId "aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e" -AssignmentFile C:\myAssignmentfile.json
Name : myAssignment
Id : /subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/providers/Microsoft.Blueprint/blueprintAssignments/myAssignment
Scope : /subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e
LastModified : 2019-01-08
LockMode : None
ProvisioningState : Creating
Parameters : {applytaganditsdefaultvalue_tagName, applytaganditsdefaultvalue_tagValue}
ResourceGroups : ResourceGroup
Create a blueprint assignment through an assignment file. The format of the assignment file can be found in the request/response samples at: https://github.com/Azure/azure-rest-api-specs/tree/master/specification/blueprint/resource-manager/Microsoft.Blueprint/preview/2018-11-01-preview/examples
Example 5
$blueprintObject = Get-AzBlueprint -SubscriptionId "myManagementGroup" -Name "myBlueprintName"
New-AzBlueprintAssignment -Name "myAssignment" -Blueprint $blueprintObject -ManagementGroupId "myManagementGroup" -SubscriptionId aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e -Location "West US" -Parameter @{P1="v1"; P2="v2"}
Create a new blueprint assignment of the blueprint definition $blueprintObject
targeting the specified subscription within the specified management group using the defined parameter.
Parameters
-AssignmentFile
Location of the assignment file in JSON format on disk.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Blueprint
Blueprint definition object.
Type: | PSBlueprintBase |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Type: | IAzureContextContainer |
Aliases: | AzContext, AzureRmContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Location
Region for managed identity to be created in. Learn more at aka.ms/blueprintmsi
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Lock
Lock resources. Learn more at aka.ms/blueprintlocks
Type: | Nullable<T>[PSLockMode] |
Accepted values: | None, AllResourcesReadOnly, AllResourcesDoNotDelete |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ManagementGroupId
The ID of the management group where the Blueprint assignment(s) will be saved.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Name
Blueprint assignment name.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Parameter
Artifact parameters.
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-ResourceGroupParameter
Hashtable of parameters to pass to the resource group artifact.
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-SecureStringParameter
Secure string parameter for KeyVault resource id, name and version.
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SubscriptionId
Subscription Id to assign the blueprint definition. Can be a comma delimited list of subscriptionId strings.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-SystemAssignedIdentity
System assigned identity(MSI) to deploy the artifacts.
Type: | SwitchParameter |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-UserAssignedIdentity
User assigned identity(MSI) to deploy the artifacts.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
String[]
Outputs
Azure PowerShell