[MSGraph] Enable app roleassignment commands for Service Principal (#…
…23732) * add approle api in local yaml * add approle api in local yaml * customize New-AzAdServiceprincipalAppRoleAssignment * app role * Delete src/Resources/MSGraph.Autorest/test/Get-AzADServicePrincipalAppRoleAssignedTo.Tests.ps1 * Delete src/Resources/MSGraph.Autorest/test/Remove-AzADServicePrincipalAppRoleAssignedTo.Tests.ps1 * Delete src/Resources/MSGraph.Autorest/test/Update-AzADServicePrincipalAppRoleAssignedTo.Tests.ps1 * add examples * remove useless parameters * Update New-AzADServicePrincipalAppRoleAssignment.Tests.ps1 * update * Update Get-AzADApplication.ps1 * Update Get-AzADApplication.ps1 * change output ux, resolve comments
Showing
21 changed files
with
1,571 additions
and
3 deletions.
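--- a/src/Resources/MSGraph.Autorest/custom/New-AzADServicePrincipalAppRoleAssignment.ps1
+++ b/src/Resources/MSGraph.Autorest/custom/New-AzADServicePrincipalAppRoleAssignment.ps1
@@ -0,0 +1,185 @@
+
+# ----------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# Code generated by Microsoft (R) AutoRest Code Generator.Changes may cause incorrect behavior and will be lost if the code
+# is regenerated.
+# ----------------------------------------------------------------------------------
+
+<#
+.Synopsis
+Create new navigation property to appRoleAssignments for servicePrincipals
+.Description
+Create new navigation property to appRoleAssignments for servicePrincipals
+.Example
+{{ Add code here }}
+.Example
+{{ Add code here }}
+.Inputs
+Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Models.ApiV10.IMicrosoftGraphAppRoleAssignment
+.Outputs
+Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Models.ApiV10.IMicrosoftGraphAppRoleAssignment
+.Notes
+COMPLEX PARAMETER PROPERTIES
+To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
+BODY <IMicrosoftGraphAppRoleAssignment>: Represents an Azure Active Directory object. The directoryObject type is the base type for many other directory entity types.
+[(Any) <Object>]: This indicates any property can be added to this object.
+[DeletedDateTime <DateTime?>]:
+[DisplayName <String>]: The name displayed in directory
+[AppRoleId <String>]: The identifier (id) for the app role which is assigned to the principal. This app role must be exposed in the appRoles property on the resource application's service principal (resourceId). If the resource application has not declared any app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal is assigned to the resource app without any specific app roles. Required on create.
+[PrincipalId <String>]: The unique identifier (id) for the user, group or service principal being granted the app role. Required on create.
+[ResourceDisplayName <String>]: The display name of the resource app's service principal to which the assignment is made.
+[ResourceId <String>]: The unique identifier (id) for the resource service principal for which the assignment is made. Required on create. Supports $filter (eq only).
+.Link
+https://learn.microsoft.com/powershell/module/az.resources/new-azadserviceprincipalapproleassignment
+#>
+function New-AzADServicePrincipalAppRoleAssignment {
+[OutputType([Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Models.ApiV10.IMicrosoftGraphAppRoleAssignment])]
+[CmdletBinding(DefaultParameterSetName='ObjectIdWithResourceIdParameterSet', PositionalBinding=$false, SupportsShouldProcess, ConfirmImpact='Medium')]
+param(
+[Parameter(ParameterSetName = 'ObjectIdWithResourceIdParameterSet', Mandatory)]
+[Parameter(ParameterSetName = 'ObjectIdWithResourceDisplayNameParameterSet', Mandatory)]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Category('Path')]
+[System.String]
+# The unique identifier (id) for the user, group or service principal being granted the app role.
+# Required on create.
+${ServicePrincipalId},
+
+[Parameter(ParameterSetName = 'SPNWithResourceIdParameterSet', Mandatory)]
+[Parameter(ParameterSetName = 'SPNWithResourceDisplayNameParameterSet', Mandatory)]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Category('Body')]
+[System.String]
+# The name displayed in directory
+${ServicePrincipalDisplayName},
+
+[Parameter()] # ParameterSetName='CreateExpanded')]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Category('Body')]
+[System.Collections.Hashtable]
+# Additional Parameters
+${AdditionalProperties},
+
+[Parameter()]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Category('Body')]
+[System.String]
+# The identifier (id) for the app role which is assigned to the principal.
+# This app role must be exposed in the appRoles property on the resource application's service principal (resourceId).
+# If the resource application has not declared any app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal is assigned to the resource app without any specific app roles.
+# Required on create.
+${AppRoleId},
+
+[Parameter(DontShow)]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Category('Body')]
+[System.DateTime]
+# .
+${DeletedDateTime},
+
+[Parameter(ParameterSetName = 'ObjectIdWithResourceIdParameterSet', Mandatory)]
+[Parameter(ParameterSetName = 'SPNWithResourceIdParameterSet', Mandatory)]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Category('Body')]
+[System.String]
+# The unique identifier (id) for the resource service principal for which the assignment is made.
+# Required on create.
+# Supports $filter (eq only).
+${ResourceId},
+
+[Parameter(ParameterSetName = 'ObjectIdWithResourceDisplayNameParameterSet', Mandatory)]
+[Parameter(ParameterSetName = 'SPNWithResourceDisplayNameParameterSet', Mandatory)]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Category('Body')]
+[System.String]
+# The display name of the resource app's service principal to which the assignment is made.
+${ResourceDisplayName},
+
+[Parameter()]
+[Alias('AzureRMContext', 'AzureCredential')]
+[ValidateNotNull()]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Category('Azure')]
+[System.Management.Automation.PSObject]
+# The credentials, account, tenant, and subscription used for communication with Azure.
+${DefaultProfile},
+
+[Parameter(DontShow)]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Category('Runtime')]
+[System.Management.Automation.SwitchParameter]
+# Wait for .NET debugger to attach
+${Break},
+
+[Parameter(DontShow)]
+[ValidateNotNull()]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Category('Runtime')]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Runtime.SendAsyncStep[]]
+# SendAsync Pipeline Steps to be appended to the front of the pipeline
+${HttpPipelineAppend},
+
+[Parameter(DontShow)]
+[ValidateNotNull()]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Category('Runtime')]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Runtime.SendAsyncStep[]]
+# SendAsync Pipeline Steps to be prepended to the front of the pipeline
+${HttpPipelinePrepend},
+
+[Parameter(DontShow)]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Category('Runtime')]
+[System.Uri]
+# The URI for the proxy server to use
+${Proxy},
+
+[Parameter(DontShow)]
+[ValidateNotNull()]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Category('Runtime')]
+[System.Management.Automation.PSCredential]
+# Credentials for a proxy server to use for the remote call
+${ProxyCredential},
+
+[Parameter(DontShow)]
+[Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Category('Runtime')]
+[System.Management.Automation.SwitchParameter]
+# Use the default credentials for the proxy
+${ProxyUseDefaultCredentials}
+)
+
+process {
+switch ($PSCmdlet.ParameterSetName) {
+{($_ -eq 'SPNWithResourceIdParameterSet') -or ($_ -eq 'SPNWithResourceDisplayNameParameterSet')}{
+if ($PSBoundParameters['ServicePrincipalDisplayName']) {
+$PSBoundParameters['DisplayName'] = $PSBoundParameters['ServicePrincipalDisplayName']
+$null = $PSBoundParameters.Remove('ServicePrincipalDisplayName')
+
+$sp = Get-AzADServicePrincipal -DisplayName $PSBoundParameters['DisplayName']
+if($null -eq $sp) {
+Write-Error "Cannot find service principal by DisplayName $($PSBoundParameters['DisplayName'])"
+}
+
+$PSBoundParameters['ServicePrincipalId'] = $sp.Id
+}
+}
+
+{($_ -eq 'SPNWithResourceDisplayNameParameterSet') -or ($_ -eq 'ObjectIdWithResourceDisplayNameParameterSet')} {
+if ($PSBoundParameters['ResourceDisplayName']) {
+$sp = Get-AzADServicePrincipal -DisplayName $PSBoundParameters['ResourceDisplayName']
+if($null -eq $sp) {
+Write-Error "Cannot find resource service principal by ResourceDisplayName $($PSBoundParameters['ResourceDisplayName'])"
+}
+
+$PSBoundParameters['ResourceId'] = $sp.Id
+}
+}
+}
+
+$PSBoundParameters['PrincipalId'] = $PSBoundParameters['ServicePrincipalId']
+
+. Az.MSGraph.internal\New-AzADServicePrincipalAppRoleAssignment @PSBoundParameters
+}
+
+}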
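Review bot: Both display-name branches in `process` use the result of `Get-AzADServicePrincipal -DisplayName` without stopping on a miss and without checking how many objects came back. `Write-Error` is non-terminating, so when nothing matches `$sp.Id` is `$null` and the internal cmdlet is still invoked with an empty `ServicePrincipalId` or `ResourceId`. If several service principals share the display name (directory display names are not guaranteed to be unique), `$sp.Id` becomes an array and it is ambiguous which principal or resource receives the app role. Because this cmdlet grants permissions, each lookup should return unless exactly one object matches, as in the excerpt for the principal lookup; the `ResourceDisplayName` branch needs the same guard before it sets `ResourceId`.

```powershell
$found = @(Get-AzADServicePrincipal -DisplayName $PSBoundParameters['DisplayName'])
if ($found.Count -ne 1) {
    Write-Error "Expected exactly one service principal with DisplayName $($PSBoundParameters['DisplayName']), found $($found.Count)"
    return
}
$PSBoundParameters['ServicePrincipalId'] = $found[0].Id
# … unchanged: ResourceDisplayName branch, PrincipalId assignment and the internal cmdlet call …
```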