New-AzADServicePrincipalAppRoleAssignment
Create new navigation property to appRoleAssignments for servicePrincipals
Syntax
ObjectIdWithResourceIdParameterSet (Default)
New-AzADServicePrincipalAppRoleAssignment
-ServicePrincipalId <String>
-ResourceId <String>
[-AdditionalProperties <Hashtable>]
[-AppRoleId <String>]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
ObjectIdWithResourceDisplayNameParameterSet
New-AzADServicePrincipalAppRoleAssignment
-ServicePrincipalId <String>
-ResourceDisplayName <String>
[-AdditionalProperties <Hashtable>]
[-AppRoleId <String>]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
SPNWithResourceIdParameterSet
New-AzADServicePrincipalAppRoleAssignment
-ResourceId <String>
-ServicePrincipalDisplayName <String>
[-AdditionalProperties <Hashtable>]
[-AppRoleId <String>]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
SPNWithResourceDisplayNameParameterSet
New-AzADServicePrincipalAppRoleAssignment
-ResourceDisplayName <String>
-ServicePrincipalDisplayName <String>
[-AdditionalProperties <Hashtable>]
[-AppRoleId <String>]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Create new navigation property to appRoleAssignments for servicePrincipals
Examples
Example 1: ObjectIdWithResourceIdParameterSet
New-AzADServicePrincipalAppRoleAssignment -ServicePrincipalId aaaaaaaa-bbbb-cccc-1111-222222222222 -ResourceId a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 -AppRoleId b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2
Id AppRoleId PrincipalDisplayName PrincipalId CreatedDateTime
-- --------- -------------------- ----------- ---------------
Zbm-cUeDXUmlicIc3eenIkgIm8kv9kJPj4MFhepACNE b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 funapp1214 aaaaaaaa-bbbb-cccc-1111-222222222222 12/14/2023 7:04:28 AM
Create an appRoleAssignment using ServicePrincipalId and ResourceId.
Example 2: SPNWithResourceDisplayNameParameterSet
New-AzADServicePrincipalAppRoleAssignment -ServicePrincipalDisplayName funapp1214 -ResourceDisplayName nori-sp -AppRoleId b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2
Id AppRoleId PrincipalDisplayName PrincipalId CreatedDateTime
-- --------- -------------------- ----------- ---------------
Zbm-cUeDXUmlicIc3eenIlqgWRlWp2hFrXIJiqP2j78 b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 funapp1214 aaaaaaaa-bbbb-cccc-1111-222222222222 12/14/2023 7:07:16 AM
Create an appRoleAssignment for service principal using ServicePrincipal DisplayName and Resource DisplayName.
Parameters
-AdditionalProperties
ParameterSetName='CreateExpanded')]
Additional Parameters
Parameter properties
Type: Hashtable
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-AppRoleId
The identifier (id) for the app role which is assigned to the principal.
This app role must be exposed in the appRoles property on the resource application's service principal (resourceId).
If the resource application has not declared any app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal is assigned to the resource app without any specific app roles.
Required on create.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: cf
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Parameter properties
Type: PSObject
Default value: None Supports wildcards: False DontShow: False Aliases: AzureRMContext, AzureCredential
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ResourceDisplayName
The display name of the resource app's service principal to which the assignment is made.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ObjectIdWithResourceDisplayNameParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
SPNWithResourceDisplayNameParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ResourceId
The unique identifier (id) for the resource service principal for which the assignment is made.
Required on create.
Supports $filter (eq only).
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ObjectIdWithResourceIdParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
SPNWithResourceIdParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ServicePrincipalDisplayName
The name displayed in directory
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
SPNWithResourceIdParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
SPNWithResourceDisplayNameParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ServicePrincipalId
The unique identifier (id) for the user, group or service principal being granted the app role.
Required on create.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
ObjectIdWithResourceIdParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
ObjectIdWithResourceDisplayNameParameterSet
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: wi
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters .
Outputs