New-AzCosmosDBSqlRoleDefinition
Hiermee maakt u een nieuwe CosmosDB Sql-roldefinitie.
Syntax
New-AzCosmosDBSqlRoleDefinition
-ResourceGroupName <String>
-AccountName <String>
[-Id <String>]
-RoleName <String>
[-Type <String>]
-AssignableScope <System.Collections.Generic.List`1[System.String]>
-DataAction <System.Collections.Generic.List`1[System.String]>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzCosmosDBSqlRoleDefinition
-ResourceGroupName <String>
-AccountName <String>
[-Id <String>]
-RoleName <String>
[-Type <String>]
-AssignableScope <System.Collections.Generic.List`1[System.String]>
-Permission <System.Collections.Generic.List`1[Microsoft.Azure.Commands.CosmosDB.Models.PSPermission]>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzCosmosDBSqlRoleDefinition
[-Id <String>]
-RoleName <String>
[-Type <String>]
-AssignableScope <System.Collections.Generic.List`1[System.String]>
-DataAction <System.Collections.Generic.List`1[System.String]>
-ParentObject <PSDatabaseAccountGetResults>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzCosmosDBSqlRoleDefinition
[-Id <String>]
-RoleName <String>
[-Type <String>]
-AssignableScope <System.Collections.Generic.List`1[System.String]>
-Permission <System.Collections.Generic.List`1[Microsoft.Azure.Commands.CosmosDB.Models.PSPermission]>
-ParentObject <PSDatabaseAccountGetResults>
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
Hiermee maakt u een nieuwe CosmosDB Sql-roldefinitie. Toewijsbare bereiken kunnen volledig gekwalificeerd zijn (bijvoorbeeld /subscriptions/subId/resourceGroups/resourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/accountName/dbs/dbName) of beginnen met de databasenaam (ie. /dbs/dbName). Als u de machtigingen van de roldefinitie wilt opgeven, gebruikt u de parameter DataAction en geeft u een lijst met tekenreeksen door die worden omgezet in één machtigingsobject, of gebruikt u de cmdlet New-AzCosmosDBPermission om PSPermission-objecten te maken die moeten worden doorgegeven via de parameter Machtiging.
Voorbeelden
Voorbeeld 1: DataAction gebruiken
New-AzCosmosDBSqlRoleDefinition `
-AccountName accountName `
-ResourceGroupName resourceGroupName `
-Type CustomRole `
-RoleName roleName `
-DataAction "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/create" `
-AssignableScope "/"
RoleName : roleName
Id : /subscriptions/subId/resourceGroups/resourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/accountName/sqlRoleDefinitions/id
Type : CustomRole
Permissions : {Microsoft.Azure.Management.CosmosDB.Models.Permission}
AssignableScopes : {/subscriptions/subId/resourceGroups/resourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/accountName}Voorbeeld 2: Machtiging en ParentObject gebruiken
$DatabaseAccount = Get-AzCosmosDBAccount -Name accountName -ResourceGroupName resourceGroupName
$Permission = New-AzCosmosDBPermission -DataAction "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/create"
New-AzCosmosDBSqlRoleDefinition `
-Type CustomRole `
-RoleName roleName `
-Permission $Permission `
-AssignableScope "/" `
-ParentObject $DatabaseAccount
RoleName : roleName
Id : /subscriptions/subId/resourceGroups/resourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/accountName/sqlRoleDefinitions/id
Type : CustomRole
Permissions : {Microsoft.Azure.Management.CosmosDB.Models.Permission}
AssignableScopes : {/subscriptions/subId/resourceGroups/resourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/accountName}Parameters
-AccountName
Naam van het Cosmos DB-databaseaccount.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AssignableScope
Set resourcepaden waaronder een roltoewijzing kan worden gekoppeld aan de roldefinitie. Bijvoorbeeld '/', '/dbs/dbname','/dbs/dbname/colls/collname'.
| Type: | List<T>[String] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Hiermee wordt u gevraagd om bevestiging voordat u de cmdlet uitvoert.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DataAction
Set gegevensacties die worden verleend via de roldefinitie. De lijst met toegestane acties vindt u op: https://aka.ms/cosmos-native-rbac
| Type: | List<T>[String] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
De referenties, accounts, tenants en abonnementen die worden gebruikt voor communicatie met Azure.
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Id
Roltoewijzings-id.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ParentObject
Roldefinitieobject.
| Type: | PSDatabaseAccountGetResults |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Permission
Machtiging is een verzameling gegevensacties.
| Type: | List<T>[PSPermission] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResourceGroupName
De naam van de resourcegroep.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RoleName
Naam van roldefinitie.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Type
Type roldefinitie, CustomRole of BuiltInRole. De standaardwaarde is CustomRole.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Hiermee wordt weergegeven wat er zou gebeuren als u de cmdlet uitvoert. De cmdlet wordt niet uitgevoerd.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |