在天蓝色的NSG上写规则
[英]write rule on NSG in azure
问题描述
Lets say I have an NSG rule that I want to allow a user write permission to create an inbond rule. 
可以说我有一个NSG规则,我想允许用户具有写权限来创建内键规则。 Access to any other resource should be blocked for that user. 该用户应禁止访问任何其他资源。
How can we write custom RBAC rule in ARM Template? 我们如何在ARM模板中编写自定义RBAC规则?
1 个解决方案
解决方案1
0 2017-10-13 02:29:14
Solution1 Powershell 解决方案1 Powershell
Step1 You need to create a new guest user in azure active directory. 步骤1您需要在azure活动目录中创建一个新的来宾用户。 Go to Azure portal > Azure Active Directory >add a guest user > Go to your guest user Email and accept the invitation. 转到Azure门户> Azure Active Directory>添加来宾用户>转到来宾用户电子邮件并接受邀请。
Step2 Using Powershell to login Azure with your Admin account.Run these codes: AzureRmRoleAssignment -ObjectId <your external user Object Id> -RoleDefinitionName Contributor -Scope "<your NSG resource ID> 步骤2使用Powershell使用您的Admin帐户登录Azure。运行以下代码: AzureRmRoleAssignment -ObjectId <your external user Object Id> -RoleDefinitionName Contributor -Scope "<your NSG resource ID>
You can go to Azure portal to find the value of Object ID and the Resource ID. 您可以转到Azure门户以找到“对象ID”和“资源ID”的值。
Step3 Login Azure portal using the guest user, you will find only the NSG in your all resources. 步骤3使用来宾用户登录Azure门户,您将在所有资源中仅找到NSG。
Solution 2 Azure Portal 解决方案2 Azure门户
Step1 You need to create a new guest user in azure active directory. 步骤1您需要在azure活动目录中创建一个新的来宾用户。 Go to Azure portal > Azure Active Directory >add a guest user > Go to your guest user Email and accept the invitation. 转到Azure门户> Azure Active Directory>添加来宾用户>转到来宾用户电子邮件并接受邀请。
Step2 Go to Your NSG> Access control> Add> Select a role and Select the guest user> Save 步骤2转到NSG>访问控制>添加>选择角色,然后选择来宾用户>保存
Step3 Login Azure portal using the guest user, you will find only the NSG in your all resources. 步骤3使用来宾用户登录Azure门户,您将在所有资源中仅找到NSG。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.