az policy assignment identity
Manage a policy assignment's managed identity.
Commands
az policy assignment identity assign |
Add a system assigned identity to a policy assignment. |
az policy assignment identity remove |
Remove a managed identity from a policy assignment. |
az policy assignment identity show |
Show a policy assignment's managed identity. |
az policy assignment identity assign
Add a system assigned identity to a policy assignment.
az policy assignment identity assign --name
[--identity-scope]
[--resource-group]
[--role]
[--scope]
Examples
Add a system assigned managed identity to a policy assignment.
az policy assignment identity assign -g MyResourceGroup -n MyPolicyAssignment
Add a system assigned managed identity to a policy assignment and grant it the 'Contributor' role for the current resource group.
az policy assignment identity assign -g MyResourceGroup -n MyPolicyAssignment --role Contributor --identity-scope /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/MyResourceGroup
Required Parameters
Name of the policy assignment.
Optional Parameters
Scope that the system assigned identity can access.
The resource group where the policy will be applied.
Role name or id that will be assigned to the managed identity.
Scope to which this policy assignment applies.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
az policy assignment identity remove
Remove a managed identity from a policy assignment.
az policy assignment identity remove --name
[--resource-group]
[--scope]
Required Parameters
Name of the policy assignment.
Optional Parameters
The resource group where the policy will be applied.
Scope to which this policy assignment applies.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
az policy assignment identity show
Show a policy assignment's managed identity.
az policy assignment identity show --name
[--query-examples]
[--resource-group]
[--scope]
Examples
Show a policy assignment's managed identity. (autogenerated)
az policy assignment identity show --name MyPolicyAssignment --scope '/providers/Microsoft.Management/managementGroups/MyManagementGroup'
Required Parameters
Name of the policy assignment.
Optional Parameters
Recommend JMESPath string for you. You can copy one of the query and paste it after --query parameter within double quotation marks to see the results. You can add one or more positional keywords so that we can give suggestions based on these key words.
The resource group where the policy will be applied.
Scope to which this policy assignment applies.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.