Azure Classroom Series – 17/Apr/2021

Scenario-1: Create a Custom Role using Azure Powershell

  • Lets create a custom role which allows users to have full access on
    • Azure Virtual Machines
    • Azure SQL
  • And the readonly access on Azure Virtual Networks and Azure Storage Accounts
  • Assignable scopes for this role should be any where (Management Groups, Subscription, Resource Group, Resource Level)
  • for resource provider operations Refer Here and for custom role definition Refer Here
  • All the azure cmdlets will have the following basic form <verb>-Az<noun>. Examples are
Get-AzResourceGroup
New-AzVM

  • After finding the command , use Get-Help -Online <cmdlet>. So lets execute Get-Help -Online New-AzRoleDefinition
  • Now create the role definition
  • Refer Here for the role definition created.
  • Find the Groups
  • Now try to assign roles
    • Find the right cmd let and its usage
    • Refer Here for samples
  • Now apply the role
  • Exercise: update the Role json and make it work for the above mentined scenario, to change the role defintion use Set-AzRoleDefinition cmdlet
  • Next Steps:
    • Understanding scope failures
    • Creating similar role assignment and creation using Azure CLI

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please turn AdBlock off
Social Media Icons Powered by Acurax Web Design Company

Discover more from Direct DevOps from Quality Thought

Subscribe now to keep reading and get access to the full archive.

Continue reading

Exit mobile version
%%footer%%