Skip to content

Commit 955dc65

Browse files
himanshusainighimanshusainigCopilot
authored
Update SetupLogicApp doc and AssignRoles helper to latest versions (#128)
- Replace SetupLogicApp-Standard-Agent.md with the newer authoring version (renamed images image1..image71.png; flat ./media/ paths). - Rewrite stale steps 10-12 (consumption-flow logicAppTemplate.json paste and OneDrive April20th download) with a single Standard-flow step that points to the StandardLogicApp folder of this repo; renumber subsequent steps accordingly. - Replace AssignRolesTOManagedIdentity-LogicApps 1.ps1 with cleanly named AssignRolesTOManagedIdentity-LogicApps.ps1 (updated content). - Fix AssignRoles link in the doc (drop %20). Co-authored-by: himanshusainig <hsaini@microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
1 parent 8458dd4 commit 955dc65

73 files changed

Lines changed: 1148 additions & 731 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

Microsoft.SCIM.LogicAppValidationTemplate/AssignRolesTOManagedIdentity-LogicApps 1.ps1 renamed to Microsoft.SCIM.LogicAppValidationTemplate/AssignRolesTOManagedIdentity-LogicApps.ps1

Lines changed: 34 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -1,27 +1,34 @@
1-
$miObjId = ""
2-
$graphAppId="00000003-0000-0000-c000-000000000000"
3-
$roleValue="Directory.ReadWrite.All"
4-
$graphSpId = az ad sp list --filter "appId eq '$graphAppId'" --query "[0].id" -o tsv
5-
$roleId = az ad sp show --id $graphSpId --query "appRoles[?value=='$roleValue'].id" -o tsv
6-
$body = @{ principalId=$miObjId; resourceId=$graphSpId; appRoleId=$roleId } | ConvertTo-Json
7-
az rest --method POST --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$miObjId/appRoleAssignments" --headers "Content-Type=application/json" --body "$body"
8-
$roleValue="Application.ReadWrite.All"
9-
$roleId = az ad sp show --id $graphSpId --query "appRoles[?value=='$roleValue'].id" -o tsv
10-
$body = @{ principalId=$miObjId; resourceId=$graphSpId; appRoleId=$roleId } | ConvertTo-Json
11-
az rest --method POST --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$miObjId/appRoleAssignments" --headers "Content-Type=application/json" --body "$body"
12-
$roleValue="Synchronization.ReadWrite.All"
13-
$roleId = az ad sp show --id $graphSpId --query "appRoles[?value=='$roleValue'].id" -o tsv
14-
$body = @{ principalId=$miObjId; resourceId=$graphSpId; appRoleId=$roleId } | ConvertTo-Json
15-
az rest --method POST --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$miObjId/appRoleAssignments" --headers "Content-Type=application/json" --body "$body"
16-
$roleValue="AuditLog.Read.All"
17-
$roleId = az ad sp show --id $graphSpId --query "appRoles[?value=='$roleValue'].id" -o tsv
18-
$body = @{ principalId=$miObjId; resourceId=$graphSpId; appRoleId=$roleId } | ConvertTo-Json
19-
az rest --method POST --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$miObjId/appRoleAssignments" --headers "Content-Type=application/json" --body "$body"
20-
$roleValue="User.ReadWrite.All"
21-
$roleId = az ad sp show --id $graphSpId --query "appRoles[?value=='$roleValue'].id" -o tsv
22-
$body = @{ principalId=$miObjId; resourceId=$graphSpId; appRoleId=$roleId } | ConvertTo-Json
23-
az rest --method POST --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$miObjId/appRoleAssignments" --headers "Content-Type=application/json" --body "$body"
24-
$roleValue="Group.ReadWrite.All"
25-
$roleId = az ad sp show --id $graphSpId --query "appRoles[?value=='$roleValue'].id" -o tsv
26-
$body = @{ principalId=$miObjId; resourceId=$graphSpId; appRoleId=$roleId } | ConvertTo-Json
27-
az rest --method POST --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$miObjId/appRoleAssignments" --headers "Content-Type=application/json" --body "$body"
1+
$miObjId = ""
2+
$graphAppId="00000003-0000-0000-c000-000000000000"
3+
$graphSpId = az ad sp list --filter "appId eq '$graphAppId'" --query "[0].id" -o tsv
4+
5+
$roleValue="Application.Read.All"
6+
$roleId = az ad sp show --id $graphSpId --query "appRoles[?value=='$roleValue'].id" -o tsv
7+
$body = @{ principalId=$miObjId; resourceId=$graphSpId; appRoleId=$roleId } | ConvertTo-Json
8+
az rest --method POST --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$miObjId/appRoleAssignments" --headers "Content-Type=application/json" --body "$body"
9+
10+
$roleValue="User.DeleteRestore.All"
11+
$roleId = az ad sp show --id $graphSpId --query "appRoles[?value=='$roleValue'].id" -o tsv
12+
$body = @{ principalId=$miObjId; resourceId=$graphSpId; appRoleId=$roleId } | ConvertTo-Json
13+
az rest --method POST --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$miObjId/appRoleAssignments" --headers "Content-Type=application/json" --body "$body"
14+
15+
$roleValue="Synchronization.Read.All"
16+
$roleId = az ad sp show --id $graphSpId --query "appRoles[?value=='$roleValue'].id" -o tsv
17+
$body = @{ principalId=$miObjId; resourceId=$graphSpId; appRoleId=$roleId } | ConvertTo-Json
18+
az rest --method POST --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$miObjId/appRoleAssignments" --headers "Content-Type=application/json" --body "$body"
19+
$roleValue="AppRoleAssignment.ReadWrite.All"
20+
$roleId = az ad sp show --id $graphSpId --query "appRoles[?value=='$roleValue'].id" -o tsv
21+
$body = @{ principalId=$miObjId; resourceId=$graphSpId; appRoleId=$roleId } | ConvertTo-Json
22+
az rest --method POST --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$miObjId/appRoleAssignments" --headers "Content-Type=application/json" --body "$body"
23+
$roleValue="AuditLog.Read.All"
24+
$roleId = az ad sp show --id $graphSpId --query "appRoles[?value=='$roleValue'].id" -o tsv
25+
$body = @{ principalId=$miObjId; resourceId=$graphSpId; appRoleId=$roleId } | ConvertTo-Json
26+
az rest --method POST --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$miObjId/appRoleAssignments" --headers "Content-Type=application/json" --body "$body"
27+
$roleValue="User.ReadWrite.All"
28+
$roleId = az ad sp show --id $graphSpId --query "appRoles[?value=='$roleValue'].id" -o tsv
29+
$body = @{ principalId=$miObjId; resourceId=$graphSpId; appRoleId=$roleId } | ConvertTo-Json
30+
az rest --method POST --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$miObjId/appRoleAssignments" --headers "Content-Type=application/json" --body "$body"
31+
$roleValue="Group.ReadWrite.All"
32+
$roleId = az ad sp show --id $graphSpId --query "appRoles[?value=='$roleValue'].id" -o tsv
33+
$body = @{ principalId=$miObjId; resourceId=$graphSpId; appRoleId=$roleId } | ConvertTo-Json
34+
az rest --method POST --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$miObjId/appRoleAssignments" --headers "Content-Type=application/json" --body "$body"

0 commit comments

Comments
 (0)