Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
New-AzManagedServicesDefinition
- Module:
- Az.ManagedServices Module
Create a registration definition.
Syntax
CreateExpanded (Default)
New-AzManagedServicesDefinition
-Name <String>
[-Scope <String>]
[-Authorization <IAuthorization[]>]
[-Description <String>]
[-EligibleAuthorization <IEligibleAuthorization[]>]
[-ManagedByTenantId <String>]
[-PlanName <String>]
[-PlanProduct <String>]
[-PlanPublisher <String>]
[-PlanVersion <String>]
[-RegistrationDefinitionName <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
CreateViaJsonFilePath
New-AzManagedServicesDefinition
-Name <String>
-JsonFilePath <String>
[-Scope <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
CreateViaJsonString
New-AzManagedServicesDefinition
-Name <String>
-JsonString <String>
[-Scope <String>]
[-DefaultProfile <PSObject>]
[-AsJob]
[-NoWait]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Create a registration definition.
Examples
Example 1: Create new Azure Lighthouse registration definition object with permanent authorization
$permantAuth = New-AzManagedServicesAuthorizationObject -PrincipalId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -RoleDefinitionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -PrincipalIdDisplayName "Test user" -DelegatedRoleDefinitionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx","xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
New-AzManagedServicesDefinition -Name xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -RegistrationDefinitionName "Test definition" -ManagedByTenantId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -Authorization $permantAuth -Description "Test definition desc" -Scope "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
Name Type
---- ----
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx Microsoft.ManagedServices/registrationDefinitions
Creates new Azure Lighthouse registration definition object with permanent authorization.
Example 2: Create new Azure Lighthouse registration definition object with both permanent and eligible authorizations
$approver = New-AzManagedServicesEligibleApproverObject -PrincipalId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -PrincipalIdDisplayName "Approver group"
$eligibleAuth = New-AzManagedServicesEligibleAuthorizationObject -PrincipalId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -PrincipalIdDisplayName "Test user" -RoleDefinitionId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -JustInTimeAccessPolicyManagedByTenantApprover $approver -JustInTimeAccessPolicyMultiFactorAuthProvider Azure -JustInTimeAccessPolicyMaximumActivationDuration 0:30
New-AzManagedServicesDefinition -Name "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -RegistrationDefinitionName "Test definition" -ManagedByTenantId "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -Authorization $permantAuth -EligibleAuthorization $eligibleAuth -Description "Test definition desc" -Scope "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
Name Type
---- ----
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxMicrosoft.ManagedServices/registrationDefinitions
Creates new Azure Lighthouse registration definition object with both permanent and eligible authorizations.
Parameters
-AsJob
Run the command as a job
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Authorization
The collection of authorization objects describing the access Azure Active Directory principals in the managedBy tenant will receive on the delegated resource in the managed tenant.
Parameter properties
| Type: | Microsoft.Azure.PowerShell.Cmdlets.ManagedServices.Models.IAuthorization[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
-DefaultProfile
The DefaultProfile parameter is not functional. Use the SubscriptionId parameter when available if executing the cmdlet against a different subscription.
Parameter properties
| Type: | PSObject |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | AzureRMContext, AzureCredential |
Parameter sets
-Description
The description of the registration definition.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-EligibleAuthorization
The collection of eligible authorization objects describing the just-in-time access Azure Active Directory principals in the managedBy tenant will receive on the delegated resource in the managed tenant.
Parameter properties
| Type: | Microsoft.Azure.PowerShell.Cmdlets.ManagedServices.Models.IEligibleAuthorization[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-JsonFilePath
Path of Json file supplied to the Create operation
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-JsonString
Json string supplied to the Create operation
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ManagedByTenantId
The identifier of the managedBy tenant.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Name
The GUID of the registration definition.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | RegistrationDefinitionId |
Parameter sets
-NoWait
Run the command asynchronously
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-PlanName
Azure Marketplace plan name.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-PlanProduct
Azure Marketplace product code.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-PlanPublisher
Azure Marketplace publisher ID.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-PlanVersion
Azure Marketplace plan's version.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-RegistrationDefinitionName
The name of the registration definition.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Scope
The scope of the resource.
Parameter properties
| Type: | String |
| Default value: | "subscriptions/" + (Get-AzContext).Subscription.Id |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Outputs
Microsoft.Azure.PowerShell.Cmdlets.ManagedServices.Models.IRegistrationDefinition
Azure PowerShell
Feedback
Was this page helpful?