Azure PowerShell: How to assign access to a subscription using PowerShell (RBAC)

I had this question from a customer recently, and when I searched the net I wouldn’t find any specific examples.

This example assigns a user as a Contributor to the subscription.

When you assign roles to resources, all you need is the URL for the resource and provide it to this cmdlet.

Here you go:

Login-AzureRMAccount
$userEmail = "[email protected]"
$SubscriptionName = "Test Subscription"
Get-AzureRmSubscription -Subscriptionname $SubscriptionName
New-AzureRmRoleAssignment -SignInName $userEmail  -Scope "/subscriptions/$($sub.SubscriptionId)" -RoleDefinitionName Contributor

That’s all for today!

Om forfatteren: Jakob Gottlieb Svendsen

Twitter: @JakobGSvendsen

Jakob Gottlieb Svendsen is a Microsoft Cloud and Data Center Management MVP (http://mvp.microsoft.com/en-us/default.aspx), Working as Global Lead Developer, Senior Consultant and Trainer at CTGlobal, where he is one of the driving forces in keeping CTGlobal a System Center Gold Partner and member of the System Center Alliance.

Since he started at Coretech in 2007, he has focused on Scripting and Development, primarily developing tools, extensions and scripts for the System Center Suite. His main area is Automation (including OMS/Azure Automation, Service Management Automation, PowerShell and Orchestrator). Another area is Windows Azure Pack / Azure Stack, where he does implementation, development, workshops and presentations. He is a world-wide renowned voice in the Automation field.

He is passionately devoted to the community, to which he contributes by being a moderator at TechNet and sharing his knowledge at https://blog.ctglobalservices.com/jgs

Co-founder: PowerShell User Group Denmark
Speaker at MMS 2016, Minneapolis (www.mmsmoa.com)
SCU Europe 2014, 2015, 2016 (www.systemcenteruniverse.ch)
Microsoft TechEd North America 2014, Houston
NIC 2012,2013,2014,2015, Oslo (www.nic.com)
Microsoft CampusDays 2011, 2013, Copenhagen
Microsoft TechDays 2015, Sweden (www.techdays.se)
Microsoft Partner Event: New in SC2012 SP1
User group meetings (PSUG.DK , SCUG.DK/BE/NO, AZMUG + more)
Microsoft Certified Trainer.
Microsoft Scripting Guys Forum Moderator

Main working areas:

Automation (Azure Automation, SMA, SCO)
Windows Azure Pack / Azure Stack
System CenterVisual Studio Team Services / Team Foundation Server
Development:C#.Net, VB.NET, VBScript, PowerShell, Service Manager, OpsMgr, ConfigMgr
Orchestrator
Windows Azure Pack / Azure Stack

Training:

Azure Automation
Service Management Automation
System Center Orchestrator
PowerShell, VBScript, C#.Net, VB.Net
Windows Azure Pack / Azure Stack Development Workshops

4 kommentarer

Ankit Pathak november 6, 2018 af 6:34

You have forgot to assign the 4th line in $sub variable 🙂
JoJo marts 13, 2019 af 17:04

Is there a way to update all subscriptions with a role?
Yuvraj april 26, 2019 af 2:51

To update for all subscriptions, you can use the below code :

Login-AzureRMAccount

$SubscriptionName = Get-Content “C:\temp\subscriptions.txt”
foreach ($Subscription in $SubscriptionName)
{
$sub = Get-AzureRmSubscription -Subscriptionname $Subscription
}
$groupID = (Get-AzureRmADGroup -SearchString “SG-Subscription-Contributor”).Id
New-AzureRmRoleAssignment -ObjectId $groupID -Scope “/subscriptions/$($sub.SubscriptionId)” -RoleDefinitionName “Contributor”
Yuvraj Kukar april 26, 2019 af 21:08

Correction –

Login-AzureRMAccount
#import Subscription Names from the text file
$SubscriptionName = Get-Content “C:\temp\subscriptions.txt”
foreach ($Subscription in $SubscriptionName) {
$sub = Get-AzureRmSubscription -Subscriptionname $Subscription
$groupID = (Get-AzureRmADGroup -SearchString “SG-Names-Contributors”).Id
New-AzureRmRoleAssignment -ObjectId $groupID -Scope “/subscriptions/$($sub.SubscriptionId)” -RoleDefinitionName “Contributor”
}

Der er lukket for kommentarer.

Azure PowerShell: How to assign access to a subscription using PowerShell (RBAC)

Share This Story, Choose Your Platform!

Om forfatteren: Jakob Gottlieb Svendsen

Beslægtede indlæg

Azure Automation Form Generator

Identifying Azure AD users with ConfigMgr

PowerShell: Setting Azure Active Directory Diagnostics Forwarding

#PS5.1–Import-PSSession against JEA endpoint Error

Disabling LEDBaT on Your Windows 2016/2019 Server

4 kommentarer