external help file | Module Name | online version | schema |
---|---|---|---|
Az.Resources-help.xml |
Az.Resources |
2.0.0 |
Update a role management policy
Update-AzRoleManagementPolicy -Name <String> -Scope <String> [-Description <String>] [-DisplayName <String>]
[-IsOrganizationDefault] [-Rule <IRoleManagementPolicyRule[]>] [-DefaultProfile <PSObject>]
[-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
Update-AzRoleManagementPolicy -InputObject <IAuthorizationIdentity> [-Description <String>]
[-DisplayName <String>] [-IsOrganizationDefault] [-Rule <IRoleManagementPolicyRule[]>]
[-DefaultProfile <PSObject>] [-ProgressAction <ActionPreference>] [-WhatIf] [-Confirm] [<CommonParameters>]
Update a role management policy
$scope = "/subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/"
$expirationRule = [RoleManagementPolicyExpirationRule]@{
isExpirationRequired = "false";
maximumDuration = "P180D";
id = "Expiration_Admin_Eligibility";
ruleType = [RoleManagementPolicyRuleType]("RoleManagementPolicyExpirationRule");
targetCaller = "Admin";
targetOperation = @('All');
targetLevel = "Eligibility";
targetObject = $null;
targetInheritableSetting = $null;
targetEnforcedSetting = $null;
}
$rules = [IRoleManagementPolicyRule[]]@($expirationRule)
Update-AzRoleManagementPolicy -Scope $scope -Name "33b520ea-3544-4abc-8565-3588deb8e68e" -Rule $rules
Name Type Scope
---- ---- -----
33b520ea-3544-4abc-8565-3588deb8e68e Microsoft.Authorization/roleManagementPolicies /subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d
Each individual Rule
on a policy can be update independently.
$scope = "/subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d/"
$expirationRule = [RoleManagementPolicyExpirationRule]@{
isExpirationRequired = "false";
maximumDuration = "P180D";
id = "Expiration_Admin_Eligibility";
ruleType = [RoleManagementPolicyRuleType]("RoleManagementPolicyExpirationRule");
targetCaller = "Admin";
targetOperation = @('All');
targetLevel = "Eligibility";
targetObject = $null;
targetInheritableSetting = $null;
targetEnforcedSetting = $null;
}
$notificationRule = [RoleManagementPolicyNotificationRule]@{
notificationType = "Email";
recipientType = "Approver";
isDefaultRecipientsEnabled = "false";
notificationLevel = "Critical";
notificationRecipient = $null;
id = "Notification_Approver_Admin_Eligibility";
ruleType = [RoleManagementPolicyRuleType]("RoleManagementPolicyNotificationRule");
targetCaller = "Admin";
targetOperation = @('All');
targetLevel = "Eligibility";
targetObject = $null;
targetInheritableSetting = $null;
targetEnforcedSetting = $null;
}
$rules = [IRoleManagementPolicyRule[]]@($expirationRule, $notificationRule)
Update-AzRoleManagementPolicy -Scope $scope -Name "33b520ea-3544-4abc-8565-3588deb8e68e" -Rule $rules
Name Type Scope
---- ---- -----
33b520ea-3544-4abc-8565-3588deb8e68e Microsoft.Authorization/roleManagementPolicies /subscriptions/38ab2ccc-3747-4567-b36b-9478f5602f0d
Multiple Rule
can be updated together.
The DefaultProfile parameter is not functional. Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription.
Type: System.Management.Automation.PSObject
Parameter Sets: (All)
Aliases: AzureRMContext, AzureCredential
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The role management policy description.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The role management policy display name.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Identity Parameter To construct, see NOTES section for INPUTOBJECT properties and create a hash table.
Type: Microsoft.Azure.PowerShell.Cmdlets.Resources.Authorization.Models.IAuthorizationIdentity
Parameter Sets: UpdateViaIdentityExpanded
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False
The role management policy is default policy.
Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The name (guid) of the role management policy to upsert.
Type: System.String
Parameter Sets: UpdateExpanded
Aliases: RoleManagementPolicyName
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
{{ Fill ProgressAction Description }}
Type: System.Management.Automation.ActionPreference
Parameter Sets: (All)
Aliases: proga
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The rule applied to the policy. To construct, see NOTES section for RULE properties and create a hash table.
Type: Microsoft.Azure.PowerShell.Cmdlets.Resources.Authorization.Models.Api20201001Preview.IRoleManagementPolicyRule[]
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The scope of the role management policy to upsert.
Type: System.String
Parameter Sets: UpdateExpanded
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Prompts you for confirmation before running the cmdlet.
Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases: cf
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases: wi
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.