你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn。
New-AzManagedServicesAuthorizationObject
Create an in-memory object for Authorization.
Syntax
New-AzManagedServicesAuthorizationObject
-PrincipalId <String>
-RoleDefinitionId <String>
[-DelegatedRoleDefinitionId <String[]>]
[-PrincipalIdDisplayName <String>]
[<CommonParameters>]
Description
Create an in-memory object for Authorization.
Examples
Example 1: Create new Azure Lighthouse Authorization object to use with Registration definition
New-AzManagedServicesAuthorizationObject -PrincipalId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -RoleDefinitionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -PrincipalIdDisplayName "Test user"
DelegatedRoleDefinitionId PrincipalId PrincipalIdDisplayName RoleDefinitionId
------------------------- ----------- ---------------------- ----------------
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx Test user xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Creates new Azure Lighthouse authorization object to use with Registration definition.
Example 2: Create new Azure Lighthouse Authorization object with delegatedRoleDefinitionIds
New-AzManagedServicesAuthorizationObject -PrincipalId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -RoleDefinitionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -PrincipalIdDisplayName "Test user" -DelegatedRoleDefinitionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
DelegatedRoleDefinitionId PrincipalId PrincipalIdDisplayName RoleDefinitionId
------------------------- ----------- ---------------------- ----------------
{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx, xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx Test user xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Creates new Azure Lighthouse authorization object with delegatedRoleDefinitionIds.
Parameters
-DelegatedRoleDefinitionId
The delegatedRoleDefinitionIds field is required when the roleDefinitionId refers to the User Access Administrator Role. It is the list of role definition ids which define all the permissions that the user in the authorization can assign to other principals.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PrincipalId
The identifier of the Azure Active Directory principal.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PrincipalIdDisplayName
The display name of the Azure Active Directory principal.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RoleDefinitionId
The identifier of the Azure built-in role that defines the permissions that the Azure Active Directory principal will have on the projected scope.
Type: | String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | False |
Accept wildcard characters: | False |