Azure Security Operations: Difference between revisions
Jump to navigation
Jump to search
| Line 44: | Line 44: | ||
=Role Operations= | =Role Operations= | ||
==Assign a Role== | ==Assign a Role== | ||
<syntaxhighlight lang='bash'> | |||
az role assignment create –-role Contributor -–assignee <service-principal-id> -g <service-principal-resource-group> | |||
</syntaxhighlight> | |||
Revision as of 20:38, 25 November 2020
Internal
Account Operations
Login
az login
The command starts a browser for authentication, and if the login is successful, shows something similar to:
The default web browser has been opened at https://login.microsoftonline.com/common/oauth2/authorize. Please continue the login in the web browser. If no web browser is available or if the web browser fails to open, use device code flow with `az login --use-device-code`.
You have logged in. Now let us find all the subscriptions to which you have access...
[
{
"cloudName": "AzureCloud",
"homeTenantId": "55555555-9999-4444-bbbb-aaaaaaaaaaaa",
"id": "99999999-9999-9999-9999-999999999999",
"isDefault": true,
"managedByTenants": [],
"name": "example.example.az(Converted to EA)",
"state": "Enabled",
"tenantId": "53ad779a-93e7-485c-ba20-ac8290d7252b",
"tenantId": <same-as-homeTenantId>,
"user": {
"name": "some.user@example.com",
"type": "user"
}
}
]
Login Status and Account Information
az account list
Set Current Subscription
SUBSCRIPTION_ID=...
az account set --subscription ${SUBSCRIPTION_ID}
Role Operations
Assign a Role
az role assignment create –-role Contributor -–assignee <service-principal-id> -g <service-principal-resource-group>