The “Put” method is used to create or update a blueprint assignment. In this last chunk of code, you will be making a REST API call to Azure using the “Invoke-RestMethod” cmdlet. If you require Resource Groups and / or Parameters with your blueprint assignment, you will need to update those properties within the PowerShell object. Since we need to manipulate the body, the body is defined as a PowerShell object and later converted to JSON. The Body is a JSON object that needs to sent in the REST API call. $BodyJson = ConvertTo-Json -InputObject $Body -Depth 100 In this section, I will break down the script and explain each chunk of code: You will need to convert the JSON values to PowerShell objects to add them to my script. The syntax for those properties in JSON can be found on Microsoft’s Docs website. If you want to specify your Resource Group and Parameter values during the assignment, the Body variable will need to be updated with that information. The values for the policy artifact are hard coded in the blueprint definition. NOTE: This script was written to support a blueprint definition with a single policy artifact. \Assign-AzureBlueprint.ps1 -Blueprint test -IdentityType SystemAssigned -Location eastus -LockAssignment None -ManagementGroup JasonMasten -Subscription 'Visual Studio Enterprise Subscription' Call the script using all the parameters.Change your working directory to the folder where you downloaded the script.Download the script from my Github repo.After we have a published blueprint, we can assign the blueprint to a management group. That can be created in the Portal or through code. So first things first… go create your blueprint definition and publish it. The code below will not work unless you have a blueprint definition that has been published. Using PowerShell, you can make a REST API call to assign the blueprint. However, the whole point of using Blueprints is to stamp out a subscription and ideally you want that configuration to be maintained. Blueprints are essentially subscription based deployments.Īssigning a blueprint at the Management Group scope can be a point of contention since Subscription Owners are given that permission to design, update, and maintain a subscription. Though the assignment is made to the Management Group, the blueprint technically has a subscription scope. Assigning blueprints at this scope can be used to prevent Subscription Owners from removing a blueprint assignment. Powered by the BizArchitects, our team of experienced Business Architects offers a number of products and services. Azure Blueprints can only be assigned at the Management Group scope using a REST API call. is focused on developing great companies.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |