Azure
/
data-management-zone
зеркало из https://github.com/Azure/data-management-zone.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Update EnterpriseScaleAnalytics-ServicePrincipal.md (#232)

This commit is contained in:
kbhatiaGIT 2021-11-16 08:34:48 +00:00 коммит произвёл GitHub
Родитель 6aa400c655
Коммит f56bd199c4
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
1 изменённых файлов: 5 добавлений и 5 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

10
docs/EnterpriseScaleAnalytics-ServicePrincipal.md
Просмотреть файл

@ -39,7 +39,7 @@ Additional required role assignments include:
| Role Name | Description | Scope |
|:----------|:------------|:------|
| [User Access Administrator](https://docs.microsoft.com/azure/role-based-access-control/built-in-roles#user-access-administrator) | Required to assign the managed identity of Purview to the Azure Key Vault. | <div style="width: 31ch">(Resource Scope) `/subscriptions/{{datamanagementzone}subscriptionId}`</div> |
| [User Access Administrator](https://docs.microsoft.com/azure/role-based-access-control/built-in-roles#user-access-administrator) | Required to assign the managed identity of Purview to the Azure Key Vault. | <div style="width: 31ch">(Resource Scope) `/subscriptions/{datamanagementzone-subscriptionId}`</div> |
To add these role assignments, you can use the [Azure Portal](https://portal.azure.com/) or run the following commands using Azure CLI/Azure Powershell:
@ -54,9 +54,9 @@ az ad sp list --display-name "{servicePrincipalName}" --query "[].{objectId:obje
az role assignment create \
--assignee "{servicePrincipalObjectId}" \
--role "{roleName}" \
--scopes "{scope}"
--scope "{scope}"
# Resource group scope level assignment
# Resource group scope level assignment (below one is for the Data Landing Zones only)
az role assignment create \
--assignee "{servicePrincipalObjectId}" \
--role "{roleName}" \
@ -76,13 +76,13 @@ New-AzRoleAssignment `
-RoleDefinitionName "{roleName}" `
-Scope "{scope}"
# For Resource group scope level assignment
# For Resource group scope level assignment (below one is for the Data Landing Zones only)
New-AzRoleAssignment `
-ObjectId $spObjectId `
-RoleDefinitionName "{roleName}" `
-ResourceGroupName "{resourceGroupName}"
# For Child-Resource Scope level assignment
# For Child-Resource Scope level assignment (below one is for the Data Landing Zones only)
New-AzRoleAssignment `
-ObjectId $spObjectId `
-RoleDefinitionName "{roleName}" `