建立或更新藍圖指派。
PUT https://management.azure.com/{resourceScope}/providers/Microsoft.Blueprint/blueprintAssignments/{assignmentName}?api-version=2018-11-01-preview
URI 參數
| 名稱 |
位於 |
必要 |
類型 |
Description |
|
assignmentName
|
path |
True
|
string
|
藍圖指派的名稱。
|
|
resourceScope
|
path |
True
|
string
|
資源的範圍。 有效範圍包括:管理群組(格式:'/providers/Microsoft.Management/managementGroups/{managementGroup}')、訂用帳戶(格式:'/subscriptions/{subscriptionId}')。
|
|
api-version
|
query |
True
|
string
|
用戶端 API 版本。
|
要求本文
| 名稱 |
必要 |
類型 |
Description |
|
identity
|
True
|
ManagedServiceIdentity
|
此藍圖指派的受控識別。
|
|
location
|
True
|
string
|
此藍圖指派的位置。
|
|
properties.parameters
|
True
|
<string,
ParameterValue>
|
藍圖指派參數值。
|
|
properties.resourceGroups
|
True
|
<string,
ResourceGroupValue>
|
資源群組佔位元的名稱和位置。
|
|
properties.blueprintId
|
|
string
|
藍圖定義的已發佈版本的標識碼。
|
|
properties.description
|
|
string
maxLength: 500
|
多行說明此資源。
|
|
properties.displayName
|
|
string
maxLength: 256
|
單行字串說明此資源。
|
|
properties.locks
|
|
AssignmentLockSettings
|
定義藍圖指派所部署的資源鎖定方式。
|
|
properties.scope
|
|
string
|
藍圖指派的目標訂用帳戶範圍(格式:』/subscriptions/{subscriptionId}')。 針對管理群組層級指派,需要 屬性。
|
回應
安全性
azure_auth
Azure Active Directory OAuth2 Flow
類型:
oauth2
Flow:
implicit
授權 URL:
https://login.microsoftonline.com/common/oauth2/authorize
範圍
| 名稱 |
Description |
|
user_impersonation
|
模擬您的用戶帳戶
|
範例
Assignment with system-assigned managed identity at management group scope
範例要求
PUT https://management.azure.com/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprintAssignments/assignSimpleBlueprint?api-version=2018-11-01-preview
{
"identity": {
"type": "SystemAssigned"
},
"location": "eastus",
"properties": {
"description": "enforce pre-defined simpleBlueprint to this XXXXXXXX subscription.",
"blueprintId": "/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint",
"scope": "subscriptions/00000000-0000-0000-0000-000000000000",
"parameters": {
"storageAccountType": {
"value": "Standard_LRS"
},
"costCenter": {
"value": "Contoso/Online/Shopping/Production"
},
"owners": {
"value": [
"johnDoe@contoso.com",
"johnsteam@contoso.com"
]
}
},
"resourceGroups": {
"storageRG": {
"name": "defaultRG",
"location": "eastus"
}
}
}
}
package armblueprint_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/blueprint/armblueprint"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/f790e624d0d080b89d962a3bd19c65bc6a6b2f5e/specification/blueprint/resource-manager/Microsoft.Blueprint/preview/2018-11-01-preview/examples/managementGroupBPAssignment/BlueprintAssignment_Create_SystemAssignedMSI.json
func ExampleAssignmentsClient_CreateOrUpdate_assignmentWithSystemAssignedManagedIdentityAtManagementGroupScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armblueprint.NewClientFactory(cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
_, err = clientFactory.NewAssignmentsClient().CreateOrUpdate(ctx, "managementGroups/ContosoOnlineGroup", "assignSimpleBlueprint", armblueprint.Assignment{
Location: to.Ptr("eastus"),
Identity: &armblueprint.ManagedServiceIdentity{
Type: to.Ptr(armblueprint.ManagedServiceIdentityTypeSystemAssigned),
},
Properties: &armblueprint.AssignmentProperties{
Description: to.Ptr("enforce pre-defined simpleBlueprint to this XXXXXXXX subscription."),
BlueprintID: to.Ptr("/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint"),
Parameters: map[string]*armblueprint.ParameterValue{
"costCenter": {
Value: "Contoso/Online/Shopping/Production",
},
"owners": {
Value: []any{
"johnDoe@contoso.com",
"johnsteam@contoso.com",
},
},
"storageAccountType": {
Value: "Standard_LRS",
},
},
ResourceGroups: map[string]*armblueprint.ResourceGroupValue{
"storageRG": {
Name: to.Ptr("defaultRG"),
Location: to.Ptr("eastus"),
},
},
Scope: to.Ptr("subscriptions/00000000-0000-0000-0000-000000000000"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Blueprint;
using Azure.ResourceManager.Blueprint.Models;
using Azure.ResourceManager.Models;
// Generated from example definition: specification/blueprint/resource-manager/Microsoft.Blueprint/preview/2018-11-01-preview/examples/managementGroupBPAssignment/BlueprintAssignment_Create_SystemAssignedMSI.json
// this example is just showing the usage of "Assignments_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this AssignmentResource created on azure
// for more information of creating AssignmentResource, please refer to the document of AssignmentResource
string resourceScope = "managementGroups/ContosoOnlineGroup";
string assignmentName = "assignSimpleBlueprint";
ResourceIdentifier assignmentResourceId = AssignmentResource.CreateResourceIdentifier(resourceScope, assignmentName);
AssignmentResource assignment = client.GetAssignmentResource(assignmentResourceId);
// invoke the operation
AssignmentData data = new AssignmentData(new Models.ManagedServiceIdentity(ManagedServiceIdentityType.SystemAssigned), new Dictionary<string, ParameterValue>()
{
["costCenter"] = new ParameterValue()
{
Value = BinaryData.FromString("Contoso/Online/Shopping/Production"),
},
["owners"] = new ParameterValue()
{
Value = BinaryData.FromObjectAsJson(new object[] { "johnDoe@contoso.com", "johnsteam@contoso.com" }),
},
["storageAccountType"] = new ParameterValue()
{
Value = BinaryData.FromString("Standard_LRS"),
},
}, new Dictionary<string, ResourceGroupValue>()
{
["storageRG"] = new ResourceGroupValue()
{
Name = "defaultRG",
Location = new AzureLocation("eastus"),
},
}, new AzureLocation("eastus"))
{
Description = "enforce pre-defined simpleBlueprint to this XXXXXXXX subscription.",
BlueprintId = "/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint",
Scope = "subscriptions/00000000-0000-0000-0000-000000000000",
};
ArmOperation<AssignmentResource> lro = await assignment.UpdateAsync(WaitUntil.Completed, data);
AssignmentResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
AssignmentData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
範例回覆
{
"identity": {
"type": "SystemAssigned",
"tenantId": "00000000-0000-0000-0000-000000000000",
"principalId": "00000000-0000-0000-0000-000000000000"
},
"location": "eastus",
"properties": {
"description": "enforce pre-defined simpleBlueprint to this XXXXXXXX subscription.",
"provisioningState": "creating",
"blueprintId": "/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint",
"scope": "subscriptions/00000000-0000-0000-0000-000000000000",
"parameters": {
"storageAccountType": {
"value": "Standard_LRS"
},
"costCenter": {
"value": "Contoso/Online/Shopping/Production"
},
"owners": {
"value": [
"johnDoe@contoso.com",
"johnsteam@contoso.com"
]
}
},
"resourceGroups": {
"storageRG": {
"name": "defaultRG",
"location": "eastus"
}
}
},
"id": "/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprintAssignments/assignSimpleBlueprint",
"type": "Microsoft.Blueprint/Assignment",
"name": "assignSimpleBlueprint"
}
Assignment with system-assigned managed identity at subscription scope
範例要求
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Blueprint/blueprintAssignments/assignSimpleBlueprint?api-version=2018-11-01-preview
{
"identity": {
"type": "SystemAssigned"
},
"location": "eastus",
"properties": {
"description": "enforce pre-defined simpleBlueprint to this XXXXXXXX subscription.",
"blueprintId": "/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint",
"parameters": {
"storageAccountType": {
"value": "Standard_LRS"
},
"costCenter": {
"value": "Contoso/Online/Shopping/Production"
},
"owners": {
"value": [
"johnDoe@contoso.com",
"johnsteam@contoso.com"
]
}
},
"resourceGroups": {
"storageRG": {
"name": "defaultRG",
"location": "eastus"
}
}
}
}
package armblueprint_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/blueprint/armblueprint"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/f790e624d0d080b89d962a3bd19c65bc6a6b2f5e/specification/blueprint/resource-manager/Microsoft.Blueprint/preview/2018-11-01-preview/examples/subscriptionBPAssignment/BlueprintAssignment_Create_SystemAssignedMSI.json
func ExampleAssignmentsClient_CreateOrUpdate_assignmentWithSystemAssignedManagedIdentityAtSubscriptionScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armblueprint.NewClientFactory(cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
_, err = clientFactory.NewAssignmentsClient().CreateOrUpdate(ctx, "subscriptions/00000000-0000-0000-0000-000000000000", "assignSimpleBlueprint", armblueprint.Assignment{
Location: to.Ptr("eastus"),
Identity: &armblueprint.ManagedServiceIdentity{
Type: to.Ptr(armblueprint.ManagedServiceIdentityTypeSystemAssigned),
},
Properties: &armblueprint.AssignmentProperties{
Description: to.Ptr("enforce pre-defined simpleBlueprint to this XXXXXXXX subscription."),
BlueprintID: to.Ptr("/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint"),
Parameters: map[string]*armblueprint.ParameterValue{
"costCenter": {
Value: "Contoso/Online/Shopping/Production",
},
"owners": {
Value: []any{
"johnDoe@contoso.com",
"johnsteam@contoso.com",
},
},
"storageAccountType": {
Value: "Standard_LRS",
},
},
ResourceGroups: map[string]*armblueprint.ResourceGroupValue{
"storageRG": {
Name: to.Ptr("defaultRG"),
Location: to.Ptr("eastus"),
},
},
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Blueprint;
using Azure.ResourceManager.Blueprint.Models;
using Azure.ResourceManager.Models;
// Generated from example definition: specification/blueprint/resource-manager/Microsoft.Blueprint/preview/2018-11-01-preview/examples/subscriptionBPAssignment/BlueprintAssignment_Create_SystemAssignedMSI.json
// this example is just showing the usage of "Assignments_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this AssignmentResource created on azure
// for more information of creating AssignmentResource, please refer to the document of AssignmentResource
string resourceScope = "subscriptions/00000000-0000-0000-0000-000000000000";
string assignmentName = "assignSimpleBlueprint";
ResourceIdentifier assignmentResourceId = AssignmentResource.CreateResourceIdentifier(resourceScope, assignmentName);
AssignmentResource assignment = client.GetAssignmentResource(assignmentResourceId);
// invoke the operation
AssignmentData data = new AssignmentData(new Models.ManagedServiceIdentity(ManagedServiceIdentityType.SystemAssigned), new Dictionary<string, ParameterValue>()
{
["costCenter"] = new ParameterValue()
{
Value = BinaryData.FromString("Contoso/Online/Shopping/Production"),
},
["owners"] = new ParameterValue()
{
Value = BinaryData.FromObjectAsJson(new object[] { "johnDoe@contoso.com", "johnsteam@contoso.com" }),
},
["storageAccountType"] = new ParameterValue()
{
Value = BinaryData.FromString("Standard_LRS"),
},
}, new Dictionary<string, ResourceGroupValue>()
{
["storageRG"] = new ResourceGroupValue()
{
Name = "defaultRG",
Location = new AzureLocation("eastus"),
},
}, new AzureLocation("eastus"))
{
Description = "enforce pre-defined simpleBlueprint to this XXXXXXXX subscription.",
BlueprintId = "/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint",
};
ArmOperation<AssignmentResource> lro = await assignment.UpdateAsync(WaitUntil.Completed, data);
AssignmentResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
AssignmentData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
範例回覆
{
"identity": {
"type": "SystemAssigned",
"tenantId": "00000000-0000-0000-0000-000000000000",
"principalId": "00000000-0000-0000-0000-000000000000"
},
"location": "eastus",
"properties": {
"description": "enforce pre-defined simpleBlueprint to this XXXXXXXX subscription.",
"provisioningState": "creating",
"blueprintId": "/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint",
"parameters": {
"storageAccountType": {
"value": "Standard_LRS"
},
"costCenter": {
"value": "Contoso/Online/Shopping/Production"
},
"owners": {
"value": [
"johnDoe@contoso.com",
"johnsteam@contoso.com"
]
}
},
"resourceGroups": {
"storageRG": {
"name": "defaultRG",
"location": "eastus"
}
}
},
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Blueprint/blueprintAssignments/assignSimpleBlueprint",
"type": "Microsoft.Blueprint/Assignment",
"name": "assignSimpleBlueprint"
}
Assignment with user-assigned managed identity at management group scope
範例要求
PUT https://management.azure.com/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprintAssignments/assignSimpleBlueprint?api-version=2018-11-01-preview
{
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contoso-resource-group/providers/Microsoft.ManagedIdentity/userAssignedIdentities/contoso-identity": {}
}
},
"location": "eastus",
"properties": {
"description": "enforce pre-defined simpleBlueprint to this XXXXXXXX subscription.",
"blueprintId": "/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint",
"scope": "subscriptions/00000000-0000-0000-0000-000000000000",
"parameters": {
"storageAccountType": {
"value": "Standard_LRS"
},
"costCenter": {
"value": "Contoso/Online/Shopping/Production"
},
"owners": {
"value": [
"johnDoe@contoso.com",
"johnsteam@contoso.com"
]
}
},
"resourceGroups": {
"storageRG": {
"name": "defaultRG",
"location": "eastus"
}
}
}
}
package armblueprint_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/blueprint/armblueprint"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/f790e624d0d080b89d962a3bd19c65bc6a6b2f5e/specification/blueprint/resource-manager/Microsoft.Blueprint/preview/2018-11-01-preview/examples/managementGroupBPAssignment/BlueprintAssignment_Create_UserAssignedMSI.json
func ExampleAssignmentsClient_CreateOrUpdate_assignmentWithUserAssignedManagedIdentityAtManagementGroupScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armblueprint.NewClientFactory(cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
_, err = clientFactory.NewAssignmentsClient().CreateOrUpdate(ctx, "managementGroups/ContosoOnlineGroup", "assignSimpleBlueprint", armblueprint.Assignment{
Location: to.Ptr("eastus"),
Identity: &armblueprint.ManagedServiceIdentity{
Type: to.Ptr(armblueprint.ManagedServiceIdentityTypeUserAssigned),
UserAssignedIdentities: map[string]*armblueprint.UserAssignedIdentity{
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contoso-resource-group/providers/Microsoft.ManagedIdentity/userAssignedIdentities/contoso-identity": {},
},
},
Properties: &armblueprint.AssignmentProperties{
Description: to.Ptr("enforce pre-defined simpleBlueprint to this XXXXXXXX subscription."),
BlueprintID: to.Ptr("/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint"),
Parameters: map[string]*armblueprint.ParameterValue{
"costCenter": {
Value: "Contoso/Online/Shopping/Production",
},
"owners": {
Value: []any{
"johnDoe@contoso.com",
"johnsteam@contoso.com",
},
},
"storageAccountType": {
Value: "Standard_LRS",
},
},
ResourceGroups: map[string]*armblueprint.ResourceGroupValue{
"storageRG": {
Name: to.Ptr("defaultRG"),
Location: to.Ptr("eastus"),
},
},
Scope: to.Ptr("subscriptions/00000000-0000-0000-0000-000000000000"),
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Blueprint;
using Azure.ResourceManager.Blueprint.Models;
using Azure.ResourceManager.Models;
// Generated from example definition: specification/blueprint/resource-manager/Microsoft.Blueprint/preview/2018-11-01-preview/examples/managementGroupBPAssignment/BlueprintAssignment_Create_UserAssignedMSI.json
// this example is just showing the usage of "Assignments_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this AssignmentResource created on azure
// for more information of creating AssignmentResource, please refer to the document of AssignmentResource
string resourceScope = "managementGroups/ContosoOnlineGroup";
string assignmentName = "assignSimpleBlueprint";
ResourceIdentifier assignmentResourceId = AssignmentResource.CreateResourceIdentifier(resourceScope, assignmentName);
AssignmentResource assignment = client.GetAssignmentResource(assignmentResourceId);
// invoke the operation
AssignmentData data = new AssignmentData(new Models.ManagedServiceIdentity(ManagedServiceIdentityType.UserAssigned)
{
UserAssignedIdentities =
{
["/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contoso-resource-group/providers/Microsoft.ManagedIdentity/userAssignedIdentities/contoso-identity"] = new UserAssignedIdentity(),
},
}, new Dictionary<string, ParameterValue>()
{
["costCenter"] = new ParameterValue()
{
Value = BinaryData.FromString("Contoso/Online/Shopping/Production"),
},
["owners"] = new ParameterValue()
{
Value = BinaryData.FromObjectAsJson(new object[] { "johnDoe@contoso.com", "johnsteam@contoso.com" }),
},
["storageAccountType"] = new ParameterValue()
{
Value = BinaryData.FromString("Standard_LRS"),
},
}, new Dictionary<string, ResourceGroupValue>()
{
["storageRG"] = new ResourceGroupValue()
{
Name = "defaultRG",
Location = new AzureLocation("eastus"),
},
}, new AzureLocation("eastus"))
{
Description = "enforce pre-defined simpleBlueprint to this XXXXXXXX subscription.",
BlueprintId = "/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint",
Scope = "subscriptions/00000000-0000-0000-0000-000000000000",
};
ArmOperation<AssignmentResource> lro = await assignment.UpdateAsync(WaitUntil.Completed, data);
AssignmentResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
AssignmentData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
範例回覆
{
"identity": {
"type": "UserAssigned",
"tenantId": "00000000-0000-0000-0000-000000000000",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contoso-resource-group/providers/Microsoft.ManagedIdentity/userAssignedIdentities/contoso-identity": {
"principalId": "00000000-0000-0000-0000-000000000000",
"clientId": "00000000-0000-0000-0000-000000000000"
}
}
},
"location": "eastus",
"properties": {
"description": "enforce pre-defined simpleBlueprint to this XXXXXXXX subscription.",
"provisioningState": "creating",
"blueprintId": "/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint",
"scope": "subscriptions/00000000-0000-0000-0000-000000000000",
"parameters": {
"storageAccountType": {
"value": "Standard_LRS"
},
"costCenter": {
"value": "Contoso/Online/Shopping/Production"
},
"owners": {
"value": [
"johnDoe@contoso.com",
"johnsteam@contoso.com"
]
}
},
"resourceGroups": {
"storageRG": {
"name": "defaultRG",
"location": "eastus"
}
}
},
"id": "/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprintAssignments/assignSimpleBlueprint",
"type": "Microsoft.Blueprint/Assignment",
"name": "assignSimpleBlueprint"
}
Assignment with user-assigned managed identity at subscription scope
範例要求
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Blueprint/blueprintAssignments/assignSimpleBlueprint?api-version=2018-11-01-preview
{
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contoso-resource-group/providers/Microsoft.ManagedIdentity/userAssignedIdentities/contoso-identity": {}
}
},
"location": "eastus",
"properties": {
"description": "enforce pre-defined simpleBlueprint to this XXXXXXXX subscription.",
"blueprintId": "/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint",
"parameters": {
"storageAccountType": {
"value": "Standard_LRS"
},
"costCenter": {
"value": "Contoso/Online/Shopping/Production"
},
"owners": {
"value": [
"johnDoe@contoso.com",
"johnsteam@contoso.com"
]
}
},
"resourceGroups": {
"storageRG": {
"name": "defaultRG",
"location": "eastus"
}
}
}
}
package armblueprint_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/blueprint/armblueprint"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/f790e624d0d080b89d962a3bd19c65bc6a6b2f5e/specification/blueprint/resource-manager/Microsoft.Blueprint/preview/2018-11-01-preview/examples/subscriptionBPAssignment/BlueprintAssignment_Create_UserAssignedMSI.json
func ExampleAssignmentsClient_CreateOrUpdate_assignmentWithUserAssignedManagedIdentityAtSubscriptionScope() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armblueprint.NewClientFactory(cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
_, err = clientFactory.NewAssignmentsClient().CreateOrUpdate(ctx, "subscriptions/00000000-0000-0000-0000-000000000000", "assignSimpleBlueprint", armblueprint.Assignment{
Location: to.Ptr("eastus"),
Identity: &armblueprint.ManagedServiceIdentity{
Type: to.Ptr(armblueprint.ManagedServiceIdentityTypeUserAssigned),
UserAssignedIdentities: map[string]*armblueprint.UserAssignedIdentity{
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contoso-resource-group/providers/Microsoft.ManagedIdentity/userAssignedIdentities/contoso-identity": {},
},
},
Properties: &armblueprint.AssignmentProperties{
Description: to.Ptr("enforce pre-defined simpleBlueprint to this XXXXXXXX subscription."),
BlueprintID: to.Ptr("/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint"),
Parameters: map[string]*armblueprint.ParameterValue{
"costCenter": {
Value: "Contoso/Online/Shopping/Production",
},
"owners": {
Value: []any{
"johnDoe@contoso.com",
"johnsteam@contoso.com",
},
},
"storageAccountType": {
Value: "Standard_LRS",
},
},
ResourceGroups: map[string]*armblueprint.ResourceGroupValue{
"storageRG": {
Name: to.Ptr("defaultRG"),
Location: to.Ptr("eastus"),
},
},
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Blueprint;
using Azure.ResourceManager.Blueprint.Models;
using Azure.ResourceManager.Models;
// Generated from example definition: specification/blueprint/resource-manager/Microsoft.Blueprint/preview/2018-11-01-preview/examples/subscriptionBPAssignment/BlueprintAssignment_Create_UserAssignedMSI.json
// this example is just showing the usage of "Assignments_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this AssignmentResource created on azure
// for more information of creating AssignmentResource, please refer to the document of AssignmentResource
string resourceScope = "subscriptions/00000000-0000-0000-0000-000000000000";
string assignmentName = "assignSimpleBlueprint";
ResourceIdentifier assignmentResourceId = AssignmentResource.CreateResourceIdentifier(resourceScope, assignmentName);
AssignmentResource assignment = client.GetAssignmentResource(assignmentResourceId);
// invoke the operation
AssignmentData data = new AssignmentData(new Models.ManagedServiceIdentity(ManagedServiceIdentityType.UserAssigned)
{
UserAssignedIdentities =
{
["/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contoso-resource-group/providers/Microsoft.ManagedIdentity/userAssignedIdentities/contoso-identity"] = new UserAssignedIdentity(),
},
}, new Dictionary<string, ParameterValue>()
{
["costCenter"] = new ParameterValue()
{
Value = BinaryData.FromString("Contoso/Online/Shopping/Production"),
},
["owners"] = new ParameterValue()
{
Value = BinaryData.FromObjectAsJson(new object[] { "johnDoe@contoso.com", "johnsteam@contoso.com" }),
},
["storageAccountType"] = new ParameterValue()
{
Value = BinaryData.FromString("Standard_LRS"),
},
}, new Dictionary<string, ResourceGroupValue>()
{
["storageRG"] = new ResourceGroupValue()
{
Name = "defaultRG",
Location = new AzureLocation("eastus"),
},
}, new AzureLocation("eastus"))
{
Description = "enforce pre-defined simpleBlueprint to this XXXXXXXX subscription.",
BlueprintId = "/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint",
};
ArmOperation<AssignmentResource> lro = await assignment.UpdateAsync(WaitUntil.Completed, data);
AssignmentResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
AssignmentData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
範例回覆
{
"identity": {
"type": "UserAssigned",
"tenantId": "00000000-0000-0000-0000-000000000000",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contoso-resource-group/providers/Microsoft.ManagedIdentity/userAssignedIdentities/contoso-identity": {
"principalId": "00000000-0000-0000-0000-000000000000",
"clientId": "00000000-0000-0000-0000-000000000000"
}
}
},
"location": "eastus",
"properties": {
"description": "enforce pre-defined simpleBlueprint to this XXXXXXXX subscription.",
"provisioningState": "creating",
"blueprintId": "/providers/Microsoft.Management/managementGroups/ContosoOnlineGroup/providers/Microsoft.Blueprint/blueprints/simpleBlueprint",
"parameters": {
"storageAccountType": {
"value": "Standard_LRS"
},
"costCenter": {
"value": "Contoso/Online/Shopping/Production"
},
"owners": {
"value": [
"johnDoe@contoso.com",
"johnsteam@contoso.com"
]
}
},
"resourceGroups": {
"storageRG": {
"name": "defaultRG",
"location": "eastus"
}
}
},
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Blueprint/blueprintAssignments/assignSimpleBlueprint",
"type": "Microsoft.Blueprint/Assignment",
"name": "assignSimpleBlueprint"
}
定義
Assignment
Object
表示藍圖指派。
| 名稱 |
類型 |
Description |
|
id
|
string
|
用來尋找 Azure 上任何資源的字串標識碼。
|
|
identity
|
ManagedServiceIdentity
|
此藍圖指派的受控識別。
|
|
location
|
string
|
此藍圖指派的位置。
|
|
name
|
string
|
此資源的名稱。
|
|
properties.blueprintId
|
string
|
藍圖定義的已發佈版本的標識碼。
|
|
properties.description
|
string
maxLength: 500
|
多行說明此資源。
|
|
properties.displayName
|
string
maxLength: 256
|
單行字串說明此資源。
|
|
properties.locks
|
AssignmentLockSettings
|
定義藍圖指派所部署的資源鎖定方式。
|
|
properties.parameters
|
<string,
ParameterValue>
|
藍圖指派參數值。
|
|
properties.provisioningState
|
AssignmentProvisioningState
|
藍圖指派的狀態。
|
|
properties.resourceGroups
|
<string,
ResourceGroupValue>
|
資源群組佔位元的名稱和位置。
|
|
properties.scope
|
string
|
藍圖指派的目標訂用帳戶範圍(格式:』/subscriptions/{subscriptionId}')。 針對管理群組層級指派,需要 屬性。
|
|
properties.status
|
AssignmentStatus
|
藍圖指派的狀態。 此欄位是唯讀的。
|
|
type
|
string
|
此資源的類型。
|
AssignmentLockMode
列舉型別
鎖定模式。
| 值 |
Description |
|
AllResourcesDoNotDelete
|
|
|
AllResourcesReadOnly
|
|
|
None
|
|
AssignmentLockSettings
Object
定義藍圖指派所部署的資源鎖定方式。
| 名稱 |
類型 |
Description |
|
excludedActions
|
string[]
|
從藍圖鎖定排除的管理作業清單。 最多允許200個動作。 如果鎖定模式設定為 'AllResourcesReadOnly',則下列動作會自動附加至 'excludedActions':'*/read'、'Microsoft.Network/virtualNetworks/subnets/join/action' 和 'Microsoft.Authorization/locks/delete'。 如果鎖定模式設定為 'AllResourcesDoNotDelete',則下列動作會自動附加至 'excludedActions': 'Microsoft.Authorization/locks/delete'。 將會移除重複的動作。
|
|
excludedPrincipals
|
string[]
|
從藍圖鎖定排除的 AAD 主體清單。 最多允許5個主體。
|
|
mode
|
AssignmentLockMode
|
鎖定模式。
|
AssignmentProvisioningState
列舉型別
藍圖指派的狀態。
| 值 |
Description |
|
canceled
|
|
|
cancelling
|
|
|
creating
|
|
|
deleting
|
|
|
deploying
|
|
|
failed
|
|
|
locking
|
|
|
succeeded
|
|
|
validating
|
|
|
waiting
|
|
AssignmentStatus
Object
藍圖指派的狀態。 此欄位是唯讀的。
| 名稱 |
類型 |
Description |
|
lastModified
|
string
(date-time)
|
此藍圖定義的上次修改時間。
|
|
managedResources
|
string[]
|
藍圖指派所建立的資源清單。
|
|
timeCreated
|
string
(date-time)
|
此藍圖定義的建立時間。
|
CloudError
Object
| 名稱 |
類型 |
Description |
|
error
|
ErrorResponse
|
錯誤回應
所有 Azure Resource Manager API 的常見錯誤回應,以傳回失敗作業的錯誤詳細數據。 (這也遵循 OData 錯誤回應格式。)
|
ErrorAdditionalInfo
Object
資源管理錯誤其他資訊。
| 名稱 |
類型 |
Description |
|
info
|
object
|
其他資訊。
|
|
type
|
string
|
其他信息類型。
|
ErrorResponse
Object
錯誤回應
keyVaultReference
Object
指定 Key Vault 的連結。
| 名稱 |
類型 |
Description |
|
id
|
string
|
Key Vault 的 Azure 資源識別碼。
|
ManagedServiceIdentity
Object
受控識別泛型物件。
| 名稱 |
類型 |
Description |
|
principalId
|
string
|
與此身分識別相關聯的 Azure Active Directory 主體標識符。
|
|
tenantId
|
string
|
Azure Active Directory 的標識碼。
|
|
type
|
ManagedServiceIdentityType
|
受控識別的類型。
|
|
userAssignedIdentities
|
<string,
UserAssignedIdentity>
|
與資源相關聯的使用者指派受控識別清單。 密鑰是受控識別的 Azure 資源識別碼。
|
ManagedServiceIdentityType
列舉型別
受控識別的類型。
| 值 |
Description |
|
None
|
|
|
SystemAssigned
|
|
|
UserAssigned
|
|
ParameterValue
Object
指定參數的值。 可以是 'value' 或 'reference',但不能同時是兩者。
| 名稱 |
類型 |
Description |
|
reference
|
SecretValueReference
|
參數值做為參考型別。
|
|
value
|
object
|
參數值。 允許任何有效的 JSON 值,包括對象、數位、字串、數位和布爾值。
|
ResourceGroupValue
Object
代表 Azure 資源群組。
| 名稱 |
類型 |
Description |
|
location
|
string
|
資源群組的位置。
|
|
name
|
string
minLength: 1
maxLength: 90
|
資源群組的名稱。
|
SecretValueReference
Object
Key Vault 秘密的參考。
| 名稱 |
類型 |
Description |
|
keyVault
|
keyVaultReference
|
指定指定 Azure Key Vault 的參考。
|
|
secretName
|
string
|
秘密的名稱。
|
|
secretVersion
|
string
|
要使用的秘密版本。 如果保留空白,則會使用最新版本的秘密。
|
UserAssignedIdentity
Object
使用者指派的受控識別。
| 名稱 |
類型 |
Description |
|
clientId
|
string
|
與此身分識別相關聯的用戶端應用程式標識碼。
|
|
principalId
|
string
|
與此身分識別相關聯的 Azure Active Directory 主體標識符。
|