Skip to content

Latest commit

 

History

History
 
 

101-rbac-builtinrole-virtualmachine

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 
 
 

This template assigns Owner, Reader, Contributor, Virtual Machine Contributor access to an existing VM in a resource group. Inputs to this template are following fields:

Principal ID Role Definition ID Virtual Machine Name GUID

**Use following powershell command to get Principal ID associated with a user using their email id. Please note, principal id maps to the id inside the directory and can point to a user, service principal, or security group. The ObjectId is the principal ID.

PS C:> Get-AzureADUser -mail

DisplayName Type ObjectId


xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

**Use following powershell command to learn about RoleDefinitions. Please note, the template already uses appropriate roleDefinition Id. The applicable RoleDefinition names are avialable in the parameter dropdown.

PS C:> Get-AzureRoleDefinition | fl

Name : Contributor Id : /subscriptions/ xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c Actions : {} NotActions : {Microsoft.Authorization//Write, Microsoft.Authorization/*/Delete}