New-AzADServicePrincipalAppRoleAssignment
Create new navigation property to appRoleAssignments for servicePrincipals
Syntax
New-AzADServicePrincipalAppRoleAssignment
-ServicePrincipalId <String>
-ResourceId <String>
[-AdditionalProperties <Hashtable>]
[-AppRoleId <String>]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzADServicePrincipalAppRoleAssignment
-ServicePrincipalId <String>
[-AdditionalProperties <Hashtable>]
[-AppRoleId <String>]
-ResourceDisplayName <String>
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzADServicePrincipalAppRoleAssignment
-ResourceId <String>
[-AdditionalProperties <Hashtable>]
[-AppRoleId <String>]
-ServicePrincipalDisplayName <String>
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-AzADServicePrincipalAppRoleAssignment
[-AdditionalProperties <Hashtable>]
[-AppRoleId <String>]
-ResourceDisplayName <String>
-ServicePrincipalDisplayName <String>
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Create new navigation property to appRoleAssignments for servicePrincipals
Examples
Example 1: ObjectIdWithResourceIdParameterSet
New-AzADServicePrincipalAppRoleAssignment -ServicePrincipalId 00001111-aaaa-2222-bbbb-3333cccc4444 -ResourceId a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 -AppRoleId b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2
Id AppRoleId PrincipalDisplayName PrincipalId CreatedDateTime
-- --------- -------------------- ----------- ---------------
Zbm-cUeDXUmlicIc3eenIkgIm8kv9kJPj4MFhepACNE b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 funapp1214 00001111-aaaa-2222-bbbb-3333cccc4444 12/14/2023 7:04:28 AM
Create an appRoleAssignment using ServicePrincipalId and ResourceId.
Example 2: SPNWithResourceDisplayNameParameterSet
New-AzADServicePrincipalAppRoleAssignment -ServicePrincipalDisplayName funapp1214 -ResourceDisplayName nori-sp -AppRoleId b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2
Id AppRoleId PrincipalDisplayName PrincipalId CreatedDateTime
-- --------- -------------------- ----------- ---------------
Zbm-cUeDXUmlicIc3eenIlqgWRlWp2hFrXIJiqP2j78 b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 funapp1214 00001111-aaaa-2222-bbbb-3333cccc4444 12/14/2023 7:07:16 AM
Create an appRoleAssignment for service principal using ServicePrincipal DisplayName and Resource DisplayName.
Parameters
-AdditionalProperties
ParameterSetName='CreateExpanded')] Additional Parameters
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppRoleId
The identifier (id) for the app role which is assigned to the principal. This app role must be exposed in the appRoles property on the resource application's service principal (resourceId). If the resource application has not declared any app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal is assigned to the resource app without any specific app roles. Required on create.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Type: | PSObject |
Aliases: | AzureRMContext, AzureCredential |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResourceDisplayName
The display name of the resource app's service principal to which the assignment is made.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResourceId
The unique identifier (id) for the resource service principal for which the assignment is made. Required on create. Supports $filter (eq only).
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ServicePrincipalDisplayName
The name displayed in directory
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ServicePrincipalId
The unique identifier (id) for the user, group or service principal being granted the app role. Required on create.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
IMicrosoftGraphAppRoleAssignment
Outputs
Azure PowerShell