Functions/Public/identity/Add-vRAPrincipalToTenantRole.ps1
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 |
function Add-vRAPrincipalToTenantRole { <# .SYNOPSIS Add a vRA Principal to a Tenant Role .DESCRIPTION Add a vRA Principal to a Tenant Role .PARAMETER TenantId Specify the Tenant Id .PARAMETER PrincipalId Specify the Principal Id .PARAMETER RoleId Specify the Role Id .INPUTS System.String .OUTPUTS System.Management.Automation.PSObject. .EXAMPLE Add-vRAPrincipalToTenantRole -TenantId Tenant01 -PrincipalId Tenantadmin@vrademo.local -RoleId CSP_TENANT_ADMIN .EXAMPLE Get-vRAUserPrincipal -UserName Tenantadmin@vrademo.local | Add-vRAPrincipalToTenantRole -TenantId Tenant01 -RoleId CSP_TENANT_ADMIN #> [CmdletBinding(SupportsShouldProcess,ConfirmImpact="Low")][OutputType('System.Management.Automation.PSObject')] Param ( [parameter(Mandatory=$true)] [ValidateNotNullOrEmpty()] [String]$TenantId, [parameter(Mandatory=$true,ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)] [ValidateNotNullOrEmpty()] [String[]]$PrincipalId, [parameter(Mandatory=$true)] [ValidateNotNullOrEmpty()] [String]$RoleId ) begin { } process { foreach ($Principal in $PrincipalId){ try { if ($PSCmdlet.ShouldProcess($Principal)){ $URI = "/identity/api/authorization/tenants/$($TenantId)/principals/$($Principal)/roles/$($Roleid)" # --- Run vRA REST Request Invoke-vRARestMethod -Method PUT -URI $URI -Verbose:$VerbosePreference | Out-Null # --- Output the Successful Result Get-vRATenantRole -TenantId $TenantId -PrincipalId $Principal | Where-Object {$_.Id -eq $RoleId} | Select-Object Principal,Id,Name } } catch [Exception]{ throw } } } end { } } |