New-AzBlueprintAssignment
Assign a blueprint definition to a subscription or a management group.
Syntax
New-AzBlueprintAssignment
-Name <String>
-Blueprint <PSBlueprintBase>
-Location <String>
[-SystemAssignedIdentity]
[-UserAssignedIdentity <String>]
[-Lock <PSLockMode>]
[-SecureStringParameter <Hashtable>]
[-ResourceGroupParameter <Hashtable>]
[-Parameter <Hashtable>]
[-ManagementGroupId <String>]
[-SubscriptionId <String[]>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzBlueprintAssignment
-Name <String>
[-Blueprint <PSBlueprintBase>]
[-AssignmentFile <String>]
[-ManagementGroupId <String>]
[-SubscriptionId <String[]>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
Assign a blueprint definition to a subscription.
Examples
Example 1
$rg = @{ResourceGroup=@{name='storage_rg';location='eastus'}}
$params = @{applytaganditsdefaultvalue_tagName="Department_Cost_Center"; applytaganditsdefaultvalue_tagValue="Contoso/RnD/Dev/986754"}
$blueprintObject = Get-AzBlueprint -SubscriptionId "00000000-1111-0000-1111-000000000000" -Name "myBlueprintName"
$secureString = @{mySecureStringParam=@{keyVaultId='/subscriptions/00000000-1111-0000-1111-000000000000/rsourcegroups/myResourceGroup/providers/Microsoft.Keyvault/Vaults/myKeyVault';secretName='mySecret';secretVersion='1.0'}}
New-AzBlueprintAssignment -Name "myAssignment" -Blueprint $blueprintObject -SubscriptionId "00000000-1111-0000-1111-000000000000" -Location "West US" -ResourceGroupParameter $rg -Parameter $params -SecureStringParameter $secureString
Name : myAssignment
Id : /subscriptions/00000000-1111-0000-1111-000000000000/providers/Microsoft.Blueprint/blueprintAssignments/myAssignment
Scope : /subscriptions/00000000-1111-0000-1111-000000000000
LastModified : 2019-01-08
LockMode : None
ProvisioningState : Creating
Parameters : {applytaganditsdefaultvalue_tagName, applytaganditsdefaultvalue_tagValue}
ResourceGroups : ResourceGroupCreate a new blueprint assignment of the blueprint definition $blueprintObject within the specified subscription using the defined parameter and resource group dictionary. Uses system-assigned identity. The location defines the region for creating the managed identity.
Example 2
New-AzBlueprintAssignment -Name "myAssignment" -Blueprint $blueprintObject -SubscriptionId 00000000-1111-0000-1111-000000000000 -Location "West US" -Parameter @{P1="v1"; P2="v2"} -Lock AllResourcesReadOnlyCreate a new blueprint assignment of the blueprint definition $blueprintObject within the specified subscription using the defined parameter and resource group dictionary and configuring resource locking to AllResources. Defaults to using system-assigned identity. The location defines the region for creating the managed identity.
Example 3
New-AzBlueprintAssignment -Name "myAssignment" -Blueprint $blueprintObject -SubscriptionId 00000000-1111-0000-1111-000000000000 -Location "West US" -Parameter @{P1="v1"; P2="v2"} -UserAssignedIdentity "/subscriptions/00000000-1111-0000-1111-000000000000/resourceGroups/my-resource-group/providers/Microsoft.ManagedIdentity/userAssignedIdentities/my-user-defined-identity"Create a new blueprint assignment of the blueprint definition $blueprintObject within the specified subscription using the defined parameter and resource group dictionary using the specified user-assigned identity id.
Example 4
$blueprintObject = Get-AzBlueprint -SubscriptionId "00000000-1111-0000-1111-000000000000" -Name "myBlueprintName"
New-AzBlueprintAssignment -Name "myAssignment" -Blueprint $blueprintObject -SubscriptionId "00000000-1111-0000-1111-000000000000" -AssignmentFile C:\myAssignmentfile.json
Name : myAssignment
Id : /subscriptions/00000000-1111-0000-1111-000000000000/providers/Microsoft.Blueprint/blueprintAssignments/myAssignment
Scope : /subscriptions/00000000-1111-0000-1111-000000000000
LastModified : 2019-01-08
LockMode : None
ProvisioningState : Creating
Parameters : {applytaganditsdefaultvalue_tagName, applytaganditsdefaultvalue_tagValue}
ResourceGroups : ResourceGroupCreate a blueprint assignment through an assignment file. The format of the assignment file can be found in the request/response samples at: https://github.com/Azure/azure-rest-api-specs/tree/master/specification/blueprint/resource-manager/Microsoft.Blueprint/preview/2018-11-01-preview/examples
Example 5
$blueprintObject = Get-AzBlueprint -SubscriptionId "myManagementGroup" -Name "myBlueprintName"
New-AzBlueprintAssignment -Name "myAssignment" -Blueprint $blueprintObject -ManagementGroupId "myManagementGroup" -SubscriptionId 00000000-1111-0000-1111-000000000000 -Location "West US" -Parameter @{P1="v1"; P2="v2"}Create a new blueprint assignment of the blueprint definition $blueprintObject targeting the specified subscription within the specified management group using the defined parameter.
Parameters
-AssignmentFile
Location of the assignment file in JSON format on disk.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Blueprint
Blueprint definition object.
| Type: | PSBlueprintBase |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Location
Region for managed identity to be created in. Learn more at aka.ms/blueprintmsi
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Lock
Lock resources. Learn more at aka.ms/blueprintlocks
| Type: | Nullable<T>[PSLockMode] |
| Accepted values: | None, AllResourcesReadOnly, AllResourcesDoNotDelete |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ManagementGroupId
The ID of the management group where the Blueprint assignment(s) will be saved.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Name
Blueprint assignment name.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Parameter
Artifact parameters.
| Type: | Hashtable |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ResourceGroupParameter
Hashtable of parameters to pass to the resource group artifact.
| Type: | Hashtable |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-SecureStringParameter
Secure string parameter for KeyVault resource id, name and version.
| Type: | Hashtable |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SubscriptionId
Subscription Id to assign the blueprint definition. Can be a comma delimited list of subscriptionId strings.
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-SystemAssignedIdentity
System assigned identity(MSI) to deploy the artifacts.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UserAssignedIdentity
User assigned identity(MSI) to deploy the artifacts.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
String[]
Outputs
Azure PowerShell
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for