functions/roleManagement/roleAssignments/Register-AzurePIMroleAssignment.ps1
function Register-AzurePIMroleAssignment { Param ( [bool] $present = $true, [Parameter(Mandatory = $true)] [ValidateSet("active", "eligible")] [string] $type, [Parameter(Mandatory = $true)] [string] $principalReference, [Parameter(Mandatory = $true)] [ValidateSet('group', 'user', 'servicePrincipal')] [string] $principalType, [Parameter(Mandatory = $true)] [string] $subscriptionReference, [Parameter(Mandatory = $true)] [string] $scopeReference, [Parameter(Mandatory = $true)] [ValidateSet('subscription', 'resourceGroup', 'resource')] [string] $scopeType, [Parameter(Mandatory = $true)] [string] $roleReference, [Parameter(Mandatory = $true)] [dateTime] $startDateTime, [Parameter(Mandatory = $true)] [ValidateSet('noExpiration', 'AfterDateTime', 'AfterDuration')] [string] $expirationType, [dateTime] $endDateTime, [string] $duration, [string] $sourceConfig = "<Custom>", [System.Management.Automation.PSCmdlet] $Cmdlet = $PSCmdlet ) begin { $resourceName = "roleAssignments" if (!$script:desiredConfiguration[$resourceName]) { $script:desiredConfiguration[$resourceName] = @() } foreach ($item in $script:desiredConfiguration[$resourceName]) { if ($item.type -eq $type -and $item.principalReference -eq $principalReference -and $item.roleReference -eq $roleReference -and $item.scopeReference -eq $scopeReference) { $alreadyLoaded = $script:desiredConfiguration[$resourceName] | Where-Object {$_.type -eq $type -and $_.principalReference -eq $principalReference -and $_.roleReference -eq $roleReference -and $_.scopeReference -eq $scopeReference} } } } process { if (Test-PSFFunctionInterrupt) { return } $object = [PSCustomObject] @{ present = $present type = $type principalReference = $principalReference principalType = $principalType subscriptionReference = $subscriptionReference scopeReference = $scopeReference scopeType = $scopeType roleReference = $roleReference startDateTime = $startDateTime expirationType = $expirationType sourceConfig = $sourceConfig } "endDateTime", "duration" | ForEach-Object { if ($PSBoundParameters.ContainsKey($_)) { Add-Member -InputObject $object -MemberType NoteProperty -Name $_ -Value $PSBoundParameters[$_] } } Add-Member -InputObject $object -MemberType ScriptMethod -Name Properties -Value { ($this | Get-Member -MemberType NoteProperty).Name } if ($alreadyLoaded) { $script:desiredConfiguration[$resourceName][$script:desiredConfiguration[$resourceName].IndexOf($alreadyLoaded)] = $object } else { $script:desiredConfiguration[$resourceName] += $object } } end {} } |