Functions/Public/identity/Remove-vRAPrincipalFromTenantRole.ps1
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
function Remove-vRAPrincipalFromTenantRole { <# .SYNOPSIS Remove a vRA Principal from a Tenant Role .DESCRIPTION Remove a vRA Principal from a Tenant Role .PARAMETER TenantId Specify the Tenant Id .PARAMETER PrincipalId Specify the Principal Id .PARAMETER RoleId Specify the Role Id .INPUTS System.String .OUTPUTS System.Management.Automation.PSObject. .EXAMPLE Remove-vRAPrincipalFromTenantRole -TenantId Tenant01 -PrincipalId Tenantadmin@vrademo.local -RoleId CSP_TENANT_ADMIN .EXAMPLE Get-vRAUserPrincipal -UserName Tenantadmin@vrademo.local | Remove-vRAPrincipalFromTenantRole -TenantId Tenant01 -RoleId CSP_TENANT_ADMIN #> [CmdletBinding(SupportsShouldProcess,ConfirmImpact="High")][OutputType('System.Management.Automation.PSObject')] Param ( [parameter(Mandatory=$true)] [ValidateNotNullOrEmpty()] [String]$TenantId, [parameter(Mandatory=$true,ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)] [ValidateNotNullOrEmpty()] [String[]]$PrincipalId, [parameter(Mandatory=$true)] [ValidateNotNullOrEmpty()] [String]$RoleId ) begin { } process { foreach ($Principal in $PrincipalId){ try { if ($PSCmdlet.ShouldProcess($Principal)){ $URI = "/identity/api/authorization/tenants/$($TenantId)/principals/$($Principal)/roles/$($Roleid)" # --- Run vRA REST Request Invoke-vRARestMethod -Method DELETE -URI $URI -Verbose:$VerbosePreference | Out-Null } } catch [Exception]{ throw } } } end { } } |