Storage applying Rbac #4460
Answered
by
pattisanta
pattisanta
asked this question in
General
Storage applying Rbac
#4460
-
@description('Name of StorageAcount')
param StorageAccountName string
@description('Specifies the User principal ID assigned to the role.')
param principalId string = 'xxxxxxxxxxxxxxxxxxxxxxxxx'
@description('Specifies the role definition ID used in the role assignment.')
param roleDefinitionGuid string ='b86a8fe4-44ce-4948-aee5-eccb2c155cd7'
var roleAssignGuid = guid(principalId,roleDef.id)
resource sa 'Microsoft.Storage/storageAccounts@2021-02-01' = {
name: StorageAccountName
sku:{
name: 'Standard_LRS'
tier:'Standard'
}
kind:'StorageV2'
location: 'eastus'
identity:{
type:'SystemAssigned'
}
properties:{
minimumTlsVersion:'TLS1_2'
allowBlobPublicAccess:false
allowSharedKeyAccess: true
isHnsEnabled:false
supportsHttpsTrafficOnly:true
encryption:{
services:{
file:{
keyType:'Account'
enabled: true
}
blob:{
keyType:'Account'
enabled: true
}
}
keySource:'Microsoft.Storage'
}
accessTier:'Hot'
}
}
resource roleDef 'Microsoft.Authorization/roleDefinitions@2018-01-01-preview' existing = {
name: roleDefinitionGuid
}
resource assignment 'Microsoft.Authorization/roleAssignments@2018-01-01-preview' = {
name: roleAssignGuid
scope:sa
properties: {
principalId:principalId
roleDefinitionId: roleDef.id
}
} |
Beta Was this translation helpful? Give feedback.
Answered by
pattisanta
Sep 16, 2021
Replies: 1 comment
-
|
I figured out my own problem. Sorry for posting |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
pattisanta
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I figured out my own problem. Sorry for posting