问题
I have around 100 Azure Web Apps and Azure Functions which I created using Azure PowerShell and CLI, now I need to assign Owner Access to these Web Apps to users (Separate users for each Web Apps)
I am unable to find any sample for this, most sample are pointing to Assigning Resource Group Level Access, but not to the Specific Resource.
The task is achievable in the Azure Portal, just need the PowerShell or CLI command to assign users owner or contributor rights to these specific resources.
If possible please provide a sample command
回答1:
For Power Shell, you could use New-AzureRmRoleAssignment to do this.
For example.
New-AzureRmRoleAssignment -SignInName "test@hotmail.com" -RoleDefinitionName Owner -Scope "/subscriptions/*************/resourceGroups/shuiapp/providers/Microsoft.Web/sites/shuicli"
or
New-AzureRmRoleAssignment -ObjectId "859f0f40-057b-4afc-9d05-fe8b3933ae87" -RoleDefinitionName Owner -Scope "/subscriptions/*****************/resourceGroups/shuiapp/providers/Microsoft.Web/sites/shuicli"
Note: You could get your user object ID with cmdlet get-azureaduser.
Azure CLI
You could use az role assignment create to do this.
For example.
az role assignment create --assignee <user object id> --role Owner --scope "/subscriptions/3b4d41fa-e91d-4bc7-bc11-13d221b3b77d/resourceGroups/shuiapp/providers/Microsoft.Web/sites/shuicli"
Note: If your user is Azure AD user, you could use az ad user list to get user's object id. If your user is a service principal, you could use az ad sp list to get object id.
来源:https://stackoverflow.com/questions/47180769/azure-powershell-or-cli-command-to-provide-a-user-with-owner-access-to-a-specifi