This template assigns Owner, Reader, Contributor, Virtual Machine Contributor access to an existing VM in a resource group. Inputs to this template are following fields:
Principal ID Role Definition ID Virtual Machine Name GUID
**Use following powershell command to get Principal ID associated with a user using their email id. Please note, principal id maps to the id inside the directory and can point to a user, service principal, or security group. The ObjectId is the principal ID.
PS C:> Get-AzureADUser -mail
DisplayName Type ObjectId
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
**Use following powershell command to learn about RoleDefinitions. Please note, the template already uses appropriate roleDefinition Id. The applicable RoleDefinition names are avialable in the parameter dropdown.
PS C:> Get-AzureRoleDefinition | fl
Name : Contributor Id : /subscriptions/ xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c Actions : {} NotActions : {Microsoft.Authorization//Write, Microsoft.Authorization/*/Delete}