Azure PowerShell或CLI命令向用户提供对特定Web应用程序的所有者访问权限 [英] Azure PowerShell or CLI command to Provide a User with Owner access to a specific Web Application
问题描述
我有大约100个使用Azure PowerShell和CLI创建的Azure Web Apps和Azure功能,现在我需要将这些Web Apps的所有者访问权限分配给用户(每个Web Apps分别使用用户)
I have around 100 Azure Web Apps and Azure Functions which I created using Azure PowerShell and CLI, now I need to assign Owner Access to these Web Apps to users (Separate users for each Web Apps)
我无法为此找到任何示例,大多数示例都指向分配资源组级别访问权限",而不是特定资源".
I am unable to find any sample for this, most sample are pointing to Assigning Resource Group Level Access, but not to the Specific Resource.
该任务可以在Azure门户中完成,只需使用PowerShell或CLI命令即可为用户分配这些特定资源的所有者或贡献者权限.
The task is achievable in the Azure Portal, just need the PowerShell or CLI command to assign users owner or contributor rights to these specific resources.
如果可能,请提供示例命令
If possible please provide a sample command
推荐答案
For Power Shell, you could use New-AzureRmRoleAssignment
to do this.
例如.
New-AzureRmRoleAssignment -SignInName "test@hotmail.com" -RoleDefinitionName Owner -Scope "/subscriptions/*************/resourceGroups/shuiapp/providers/Microsoft.Web/sites/shuicli"
或
New-AzureRmRoleAssignment -ObjectId "859f0f40-057b-4afc-9d05-fe8b3933ae87" -RoleDefinitionName Owner -Scope "/subscriptions/*****************/resourceGroups/shuiapp/providers/Microsoft.Web/sites/shuicli"
注意:您可以使用cmdlet get-azureaduser
获取用户对象ID.
Note: You could get your user object ID with cmdlet get-azureaduser
.
Azure CLI
Azure CLI
您可以使用 az role assignment create
为此.
You could use az role assignment create
to do this.
例如.
az role assignment create --assignee <user object id> --role Owner --scope "/subscriptions/3b4d41fa-e91d-4bc7-bc11-13d221b3b77d/resourceGroups/shuiapp/providers/Microsoft.Web/sites/shuicli"
注意:如果您的用户是Azure AD用户,则可以使用az ad user list
获取用户的对象ID.如果您的用户是服务主体,则可以使用az ad sp list
获取对象ID.
Note: If your user is Azure AD user, you could use az ad user list
to get user's object id. If your user is a service principal, you could use az ad sp list
to get object id.
这篇关于Azure PowerShell或CLI命令向用户提供对特定Web应用程序的所有者访问权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!